📋 Description
StrutsScan is a powerful and automated utility designed to detect critical Remote Code Execution (RCE) vulnerabilities in Apache Struts 2 frameworks. It allows penetration testers and security researchers to scan single URLs or bulk lists to identify potential security flaws based on OGNL injection and improper header handling. This tool focuses on accuracy and speed, utilizing multi-threading to scan large scopes efficiently.
🚀 Key Features
Multi-CVE Support: Detects major vulnerabilities like S2-045, S2-046, S2-057, S2-059, S2-061, and S2-062.
RCE Verification: Automatically attempts to verify RCE by executing harmless commands (e.g., id, whoami).
Bulk Scanning: Supports scanning from a text file containing multiple URLs.
Multi-threading: High-speed scanning using Python threads.
Proxy Support: Compatible with HTTP/HTTPS proxies (e.g., Burp Suite) for traffic analysis.
Report Generation: Saves vulnerable results to a clean text file.
🛠️ Supported Vulnerabilities
| CVE | Advisory | Type | Description |
|---|---|---|---|
| CVE-2017-5638 | S2-045 | RCE | Content-Type Header Injection |
| CVE-2017-5638 | S2-046 | RCE | Content-Disposition Header Injection |
| CVE-2018-11776 | S2-057 | RCE | Namespace OGNL Injection |
| CVE-2019-0230 | S2-059 | RCE | Forced double OGNL evaluation |
| CVE-2020-17530 | S2-061 | RCE | OGNL Evaluation in attributes |
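
For defenders, each row above names an injection point that can be watched in request logs. The following is an added example, not part of StrutsScan: a log triage function that flags OGNL expression openers at those injection points. The record layout, the `triage` name, the sample records, and the treatment of any flagged request parameter as the S2-059/S2-061 family are assumptions of this example.

```python
import re
from urllib.parse import parse_qsl, unquote, urlsplit

# OGNL expressions open with %{ or ${; a legitimate Content-Type,
# Content-Disposition or URL path normally contains neither sequence.
OGNL_OPEN = re.compile(r"[%$]\{")

def _decode(value, rounds=2):
    """Undo up to `rounds` layers of percent-encoding before matching."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def _has_ognl(value):
    return bool(value) and bool(OGNL_OPEN.search(_decode(value)))

def triage(request):
    """Map one logged request to the advisories whose injection point holds
    an OGNL opener. Record layout (an assumption of this example):
    {"url": str, "headers": {name: value}}."""
    headers = {k.lower(): v for k, v in request.get("headers", {}).items()}
    url = urlsplit(request["url"])
    hits = []
    if _has_ognl(headers.get("content-type")):
        hits.append("S2-045")
    if _has_ognl(headers.get("content-disposition")):
        hits.append("S2-046")
    if _has_ognl(url.path):
        hits.append("S2-057")
    # Heuristic: parameters feeding tag attributes cannot be told apart here.
    if any(_has_ognl(v) for _, v in parse_qsl(url.query, keep_blank_values=True)):
        hits.append("S2-059/S2-061")
    return hits

SAMPLES = [  # constructed records; PLACEHOLDER stands in for any expression
    {"url": "http://app.example/index.action",
     "headers": {"Content-Type": "%{PLACEHOLDER}.multipart/form-data"}},
    {"url": "http://app.example/%2524%257BPLACEHOLDER%257D/help.action", "headers": {}},
    {"url": "http://app.example/login.action?id=%25%7BPLACEHOLDER%7D", "headers": {}},
    {"url": "http://app.example/upload.action",
     "headers": {"Content-Type": "multipart/form-data; boundary=x"}},
]

if __name__ == "__main__":
    for record in SAMPLES:
        print(record["url"], "->", triage(record) or "clean")
```

A hit means the request carried an expression at that injection point, not that the application is vulnerable; confirm against the deployed Struts version before escalating.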
📦 Installation
1. Clone the repository:
git clone https://github.com/vishal8736/StrutsScan.git
cd StrutsScan
2. Install dependencies:
pip3 install -r requirements.txt
💻 Usage
Basic Scan (Single URL)
python3 struts_scan.py -u http://target-site.com/index.action
Bulk Scan (List of URLs)
python3 struts_scan.py -l urls.txt
Remote Code Execution (Exploit Mode)
python3 struts_scan.py -u http://target-site.com/index.action --cmd "id"
Using Proxy (e.g., Burp Suite)
python3 struts_scan.py -u http://target.com --proxy "http://127.0.0.1:8080"
⚙️ Command Line Options
| Argument | Description |
|---|---|
| -u, --url | Target URL to scan (e.g., http://example.com/login.action). |
| -l, --list | Path to a text file containing a list of URLs. |
| --cmd | Command to execute on the vulnerable server (default: whoami). |
| --proxy | HTTP proxy address (e.g., http://127.0.0.1:8080). |
| -t, --threads | Number of threads to use (default: 10). |
| -o, --output | File to save vulnerable results. |
| -h, --help | Show this help message and exit. |
⚠️ Legal Disclaimer
PLEASE READ CAREFULLY:
This tool is developed for educational purposes and authorized security testing only. The developer is not responsible for any misuse or damage caused by this tool. Scanning targets without prior mutual consent is illegal and a violation of local and international laws.
By using this tool, you agree that you are responsible for your own actions.
🤝 Contributing
Contributions, issues, and feature requests are welcome!
Fork the Project
Create your Feature Branch (git checkout -b feature/AmazingFeature)
Commit your Changes (git commit -m 'Add some AmazingFeature')
Push to the Branch (git push origin feature/AmazingFeature)
Open a Pull Request
📝 License
Distributed under the MIT License. See LICENSE for more information.
Made with ❤️ by 🌸 Vishal ❤️ subhi 🌸
Gmail vishalsharma852863@gmail.com