Crudely crafted proof of concept for the vulnerability described in LPS-27046 it targets the default liferay ce 6.1 distributable. To try it out
-
download liferay ce 6.1 from http://www.liferay.com/downloads/liferay-portal/available-releases ,unzip it, start it and configure it.
-
To run the exploit
on windows execute : gradlew.bat
on unixes execute : ./gradlew
Wait and after some time it will create a new administrator account on the instance