Posted by Pedro Ribeiro on Jan 07
Someone has asked me how CVE-2014-5302 can be exploited.
There are 3 things you've got to have in mind:
1 – send a null byte (%00) after the file name
2 – send the request as MIME type application/octet-stream
3 – send only ASCII data in the request body
Unfortunately it’s not as trivial as uploading an ASCII webshell to
the web root. Because of the way these applications are packaged, the
JSP compiler is not set automatically in the…