update versions and add quick module docs

Brent Cook · Brent Cook · commit 54a62976f8f4 · 2017-09-08T13:59:29.000-05:00
diff --git a/documentation/modules/exploit/multi/http/struts2_rest_xstream.md b/documentation/modules/exploit/multi/http/struts2_rest_xstream.md
@@ -0,0 +1,47 @@
+`struts2_rest_xstream` is a module that exploits Apache Struts 2's REST plugin, using the XStream handler to deserialise XML requests perform arbitrary code execution.
+
+## Vulnerable Application
+
+Apache Struts versions 2.1.2 - 2.3.33 and Struts 2.5 - Struts 2.5.12
+
+You can download these versions here with any version of Apache Tomcat:
+
+http://archive.apache.org/dist/struts/
+
+You will also need to install a Struts 2 showcase application, which can be found here:
+
+https://mvnrepository.com/artifact/org.apache.struts/struts2-rest-showcase
+
+## Options
+
+**TARGETURI**
+
+The path to a struts application action
+
+**VHOST**
+
+The HTTP server virtual host. You will probably need to configure this as well, even though it is set as optional.
+
+## Demonstration
+
+**The Check Command**
+
+The `struts2_rest_xstream` module comes with a check command that can effectively check if the remote host is vulnerable or not. To use this, configure the msfconsole similar to the following:
+
+```
+set VERBOSE true
+set RHOST [IP]
+set TARGETURI [path to the Struts app with an action]
+```
+
+When the module is in verbose mode, the `check` command will try to tell you the OS information, and whether or not the machine is vulnerable. Like this:
+
+```
+msf exploit(struts2_rest_xstream) > check
+
+[+] 10.1.11.11:8080 The target appears to be vulnerable.
+```
+
+**Exploiting the Host**
+
+After identifying the vulnerability on the target machine, you can try to exploit it. Be sure to set TARGETURI to the correct URI for your application, and the TARGET variable for the appropriate host OS.
diff --git a/modules/exploits/multi/http/struts2_rest_xstream.rb b/modules/exploits/multi/http/struts2_rest_xstream.rb
@@ -15,8 +15,9 @@ def initialize(info = {})
     super(update_info(info,
       'Name'           => 'Apache Struts 2 REST Plugin XStream RCE',
       'Description'    => %q{
-        Apache Struts versions 2.5 through 2.5.12 using the REST plugin are
-        vulnerable to a Java deserialization attack in the XStream library.
+        Apache Struts versions 2.1.2 - 2.3.33 and Struts 2.5 - Struts 2.5.12,
+        using the REST plugin, are vulnerable to a Java deserialization attack
+        in the XStream library.
       },
       'Author'         => [
         'Man Yue Mo', # Vulnerability discovery
