ronin-rb / community-pocs

A repository of PoCs for ronin-exploits
https://ronin-rb.dev
GNU General Public License v3.0
0 stars 2 forks source link

Add PoC exploit for CVE-2023-46604 #7

Closed postmodern closed 5 months ago

postmodern commented 6 months ago

Add a PoC exploit for CVE-2023-46604, Apache ActiveMQ deserialization vulnerability.

Reference PoCs

Vuln App

How to Submit a PoC

See the CONTRIBUTING file for instructions on how to submit a PoC exploit.

flavorjones commented 5 months ago

I'd like to take a swing at this one, if nobody else is working on it.

postmodern commented 5 months ago

I forgot to mention (and should probably add a note to the issue template about it), that if you need a vulnerable server to test your PoC against, there's this project called vulhub that provides docker-compose files for most all of the CVEs for Open Source projects. They even have one for CVE-2023-46604.