Create CVE-2018-11759-Apache mod_jk access control bypass.bcheck

This is a bcheck to detect CVE-2018-11759. This PoC can be used to test the bcheck: https://github.com/immunIT/CVE-2018-11759
PortSwigger · Feb 28, 2024 · b02e428 · b02e428
1 parent 925fbeb
commit b02e428
Showing 1 changed file with 25 additions and 0 deletions.
diff --git a/vulnerabilities-CVEd/CVE-2018-11759-Apache mod_jk access control bypass.bcheck b/vulnerabilities-CVEd/CVE-2018-11759-Apache mod_jk access control bypass.bcheck
@@ -0,0 +1,25 @@
+metadata:
+    language: v2-beta
+    name: "CVE-2018-11759 - Apache mod_jk access control bypass"
+    description: "Checks for CVE-2018-11759 -Apache mod_jk access control bypass"
+    author: "CDonkin"
+    tags: "CVE-2018-11759", "mod_jk"
+
+run for each:
+    potential_path =
+        "/jkstatus",
+        "/jkstatus;"
+
+given host then
+    send request called check:
+        method: "GET"
+        path: {potential_path}
+
+    if "JK Status Manager" in {check.response.body} then
+        report issue:
+            severity: High
+            confidence: certain
+            detail: `jkstatus found at {potential_path}.`
+            remediation: "Apply the relevant patches"
+    end if
+