Shulou(Shulou.com)05/31 Report--

What this article shares with you is about how the ActiveMQ remote code execution vulnerability CVE-2016-3088 is reproduced. The editor thinks it is very practical, so I share it with you to learn. I hope you can get something after reading this article.

ActiveMQ is a message-driven middleware software under the Apache Software Foundation. Jetty is a servlet container, which is a Java-based web container, such as JSP and servlet runtime environments. Jetty is integrated by default in ActiveMQ 5.0 and later. After launching a Web application that monitors ActiveMQ.

The following is only for vulnerability recurrence record and implementation, and the utilization process is as follows:

1. Vulnerability environment

Link: http://192.168.101.152:8161

two。 Utilization

Access link: http://192.168.101.152:8161/admin/test/systemProperties.jsp

The default account password is: admin/admin

Get the real path.

Use PUT method to upload pony to / fileserver/ directory

Access target, no resolution

Use the MOVE method to transfer it to the api or admin directory

Destination: file:///opt/activemq/webapps/api/q.jsp

Visit after uploading successfully, and execute

Successful execution

This is how the ActiveMQ remote code execution vulnerability CVE-2016-3088 is reproduced. The editor believes that there are some knowledge points that we may see or use in our daily work. I hope you can learn more from this article. For more details, please follow the industry information channel.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.