# Struts2-RCE

**Repository Path**: keyboxdzd/Struts2-RCE

## Basic Information

- **Project Name**: Struts2-RCE
- **Description**: burp插件
- **Primary Language**: Unknown
- **License**: Not specified
- **Default Branch**: master
- **Homepage**: None
- **GVP Project**: No

## Statistics

- **Stars**: 0
- **Forks**: 0
- **Created**: 2020-12-21
- **Last Updated**: 2020-12-21

## Categories & Tags

**Categories**: Uncategorized

**Tags**: None

## README

# Struts2-RCE
A Burp Extender for checking for struts 2 RCE vulnerabilities.

# Description

This burp extension helps identifying Struts2 remote code execution vulnerabilities in struts2 web application. This Burp extension detects following 18 RCEs and they are 

* S2-001 
* S2-007
* S2-008
* S2-012
* S2-013
* S2-014
* S2-015
* S2-016
* S2-019
* S2-029
* S2-032
* S2-033
* S2-037
* S2-045
* S2-048
* S2-053
* S2-057
* S2-DevMode

## Loading the extension

```bash
Burp Suite->Extender->Add->Select the Struts.jar file->Next.
```
Once loaded without any error a new tab will popup within existing burp instance.

## Usage

A single HTTP request can be scanned just by Right clicking on the selected request and click on 'Check for Struts RCE'.


Scanning multiple requests or scanning a complete application requires a complete crawl of the application. Note, this extension will not attempt to find any new parameter rather it will target only the existing parameters.

```bash
Burp->Target->Site map->Contents->Select all the URLs to be scanned->Right click->'Check for Struts RCE'.
```

If the URL or any parameter is prone to any Struts2 vulnerabilities it will populate under the “Struts Finder” tab. If not vulnerable, no data will reflect.

**Note:** Make sure **Extender** is checked under **Session Handling Rules**.
```bash
Burp->Project options->Session Handling Rules->Click on Edit->Scope->Tools Scope->Check mark Extender->Save.
```

**Credits**

* Prakhar Athreya