Immunity, Inc.
Name wp_struts2_cmdexec
CVE cve-2010-1870
Exploit Pack White_Phosphorus
Description Struts2 Command Execution
Notes VENDOR: Apache
Notes: This module has unique payloads.
Payloads:
0: Execute Command (blind)
This will execute a command on the server, but you will see no response
1: Execute Command (nc pipe)
This will execute a command on the server, and try to pipe the results back to the specified DataPort
2: TCP Connect Back (nc -e)
This will attempt to spawn a connect back shell using nc with the -e option to the specified DataPort
3: TCP Connect Back Drop Trojan
This will attempt to connect back to the specified DataPort and upload a Mosdef trojan which will connect back
4: Create Web Shell
This is the best option and will upload a webshell and copy it to all the webroots it can find


Repeatability: Unlimited
References: http://blog.o0o.nu/2010/07/cve-2010-1870-struts2xwork-remote.html
CVE Url: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1870
Date public: 2010-07-09
CVE: cve-2010-1870
