i have already tried the same after reading the python code :

def exploit(url, cmd, dont_print_status_on_console=False): url = url_prepare(url) if dont_print_status_on_console is False: print(‘\n[*] URL: %s’ % (url)) print(‘[*] CMD: %s’ % (cmd)) cmd = “”.join([“<string>{0}</string>”.format(_) for _ in cmd.split(“ “)])
https://github.com/mazen160/struts-pwn_CVE-2017-9805/blob/master/struts-pwn.py

don’t but powershell not launching i event tried to see the process using process explorer . however when i put powershell as standalone string it create a process under tomcat !! i wonder where i am going wrong

--

--

--

Love podcasts or audiobooks? Learn on the go with our new app.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
AliBawazeEer

AliBawazeEer

More from Medium

STREET BEATS HOME

STARTING AGAIN

UrbanGo