Metasploit Module For Apache Struts 2 REST (CVE-2017-9805)
A metasploit module designed for exploiting this vulnerability was released today. Using this module, vulnerable websites can be exploited and easily gain a shell. The name of this module is ‘struts2_rest_xstream’
How to install Metasploit Module for Struts?
Download Metasploit Module For Apache Struts 2 REST (CVE-2017-9805)
First you have to download the module by executing the command
Next you will have to move this downloaded file to metasploits directory
cp struts2_rest_xstream.rb /usr/share/metasploit-framework/modules/exploits/multi/http/
Now start metasploit to check whether the module is being loaded correctly.
Now load the module by running