Spring4Shell-POC
Spring4Shell Proof Of Concept/And vulnerable application CVE-2022-22965 (by BobTheShoplifter)
spring-rce-vulnerable-app
Spring Boot web application vulnerable to Log4Shell (CVE-2021-44228) and the possible Spring RCE vulnerability. (by lunasec-io)
| Spring4Shell-POC | spring-rce-vulnerable-app | |
|---|---|---|
| 6 | 1 | |
| 348 | 30 | |
| - | - | |
| 0.0 | 7.2 | |
| over 1 year ago | about 2 years ago | |
| Python | Java | |
| - | Apache License 2.0 |
The number of mentions indicates the total number of mentions that we've tracked plus the number of user suggested alternatives.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Spring4Shell-POC
Posts with mentions or reviews of Spring4Shell-POC.
We have used some of these posts to build our list of alternatives
and similar projects. The last one was on 2023-03-03.
-
help needed
Hey guys, I'm rewriting this poc for spring4shell in c .
- A Java Springcore RCE 0day exploit has been leaked. It was leaked by a Chinese security researcher who, since sharing and/or leaking it, has deleted their Twitter account.
-
Spring4Shell Details and Exploit code leaked
It's quite trivial to build a working POC using the steps at https://github.com/BobTheShoplifter/Spring4Shell-POC
-
Spring4Shell: 0-day RCE on Spring Core
I have tried all the steps in the referenced PDF and lunasec link. I also went to https://github.com/BobTheShoplifter/Spring4Shell-POC and tried poc.py - no success. I am not able to reproduce it on Spring Boot 2.6.4 with java 11.
-
SpringShell: Spring Core RCE 0-day Vulnerability
Created a repo for the issue, https://github.com/BobTheShoplifter/Spring4Shell-POC ill update it as we explore the issue
spring-rce-vulnerable-app
Posts with mentions or reviews of spring-rce-vulnerable-app.
We have used some of these posts to build our list of alternatives
and similar projects. The last one was on 2022-03-30.
-
Spring4Shell: 0-day RCE on Spring Core
Thank you, this does clarify things a bit. What confused me is the constant referencing of SerializationUtils as in https://github.com/lunasec-io/spring-rce-vulnerable-app/blob/main/src/main/java/fr/christophetd/log4shell/vulnerableapp/MainController.java
What are some alternatives?
When comparing Spring4Shell-POC and spring-rce-vulnerable-app you can also consider the following projects:
Spring - Spring Framework
Spring4Shell-POC - Dockerized Spring4Shell (CVE-2022-22965) PoC application and exploit
Spring4Shell-POC - This is a dockerized application that is vulnerable to the Spring4Shell vulnerability (CVE-2022-22965).
SpringCore0day - SpringCore0day from https://share.vx-underground.org/ & some additional links
SpringShell - Spring4Shell - Spring Core RCE - CVE-2022-22965
Spring4Shell-Detection - Lazy SPL to detect Spring4Shell exploitation
CVE-2022-22965 - 🚀 Exploit for Spring core RCE in C [ wip ]
spring-rce-war
springcore-0day-en - Everything I needed to understand what was going on with "Spring4Shell" - translated source materials, exploit, links to demo apps, and more.
Spring4Shell-POC vs Spring
spring-rce-vulnerable-app vs Spring4Shell-POC
Spring4Shell-POC vs Spring4Shell-POC
spring-rce-vulnerable-app vs SpringCore0day
Spring4Shell-POC vs SpringShell
Spring4Shell-POC vs SpringCore0day
Spring4Shell-POC vs Spring4Shell-Detection
Spring4Shell-POC vs CVE-2022-22965
Spring4Shell-POC vs spring-rce-war
Spring4Shell-POC vs springcore-0day-en