PoC-CVE-2022-30190
SpringShell
PoC-CVE-2022-30190 | SpringShell | |
---|---|---|
1 | 2 | |
156 | 128 | |
- | - | |
2.6 | 1.8 | |
almost 2 years ago | about 2 years ago | |
Python | Python | |
- | - |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
PoC-CVE-2022-30190
SpringShell
-
Spring Core on JDK9 is vulnerable to remote code execution
I'll ask my engineers to post the one he wrote. He did put more details into the article, so go check that. Here is a repo with a POC though: https://github.com/TheGejr/SpringShell
What are some alternatives?
DogWalk-rce-poc - š¾Dogwalk PoC (using diagcab file to obtain RCE on windows)
hackerone-reports - Top disclosed reports from HackerOne
tomcat-jmxproxy-rce-exp - Apache Tomcat JMXProxy RCE
Spring4Shell-POC - Spring4Shell Proof Of Concept/And vulnerable application CVE-2022-22965
Egyscan - Egyscan The Best web vulnerability scanner; it's a multifaceted security powerhouse designed to fortify your web applications against malicious threats. Let's delve into the tasks and functions that make Egyscan an indispensable tool in your security arsenal:
apache-tomcat-8.0.26-src - Tomcat Source Code
Dossify
spring-rce-war
faraday - Open Source Vulnerability Management Platform
CVE-2022-26134 - CVE-2022-26134 - Atlassian Confluence unauthenticated OGNL injection vulnerability (RCE).