SpringShell
Spring4Shell - Spring Core RCE - CVE-2022-22965 (by TheGejr)
Spring4Shell-POC
Spring4Shell Proof Of Concept/And vulnerable application CVE-2022-22965 (by BobTheShoplifter)
| SpringShell | Spring4Shell-POC | |
|---|---|---|
| 2 | 6 | |
| 128 | 368 | |
| 0.0% | 0.5% | |
| 1.8 | 0.0 | |
| over 3 years ago | almost 3 years ago | |
| Python | Python | |
| - | - |
The number of mentions indicates the total number of mentions that we've tracked plus the number of user suggested alternatives.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
SpringShell
Posts with mentions or reviews of SpringShell.
We have used some of these posts to build our list of alternatives
and similar projects. The last one was on 2022-03-30.
-
Spring Core on JDK9 is vulnerable to remote code execution
I'll ask my engineers to post the one he wrote. He did put more details into the article, so go check that. Here is a repo with a POC though: https://github.com/TheGejr/SpringShell
Spring4Shell-POC
Posts with mentions or reviews of Spring4Shell-POC.
We have used some of these posts to build our list of alternatives
and similar projects. The last one was on 2023-03-03.
-
help needed
Hey guys, I'm rewriting this poc for spring4shell in c .
- A Java Springcore RCE 0day exploit has been leaked. It was leaked by a Chinese security researcher who, since sharing and/or leaking it, has deleted their Twitter account.
-
Spring4Shell Details and Exploit code leaked
It's quite trivial to build a working POC using the steps at https://github.com/BobTheShoplifter/Spring4Shell-POC
-
Spring4Shell: 0-day RCE on Spring Core
I have tried all the steps in the referenced PDF and lunasec link. I also went to https://github.com/BobTheShoplifter/Spring4Shell-POC and tried poc.py - no success. I am not able to reproduce it on Spring Boot 2.6.4 with java 11.
-
SpringShell: Spring Core RCE 0-day Vulnerability
Created a repo for the issue, https://github.com/BobTheShoplifter/Spring4Shell-POC ill update it as we explore the issue
What are some alternatives?
When comparing SpringShell and Spring4Shell-POC you can also consider the following projects:
PoC-CVE-2022-30190 - POC CVE-2022-30190 : CVE 0-day MS Offic RCE aka msdt follina
Spring4Shell-POC - This is a dockerized application that is vulnerable to the Spring4Shell vulnerability (CVE-2022-22965).
hackerone-reports - Top disclosed reports from HackerOne
spring-rce-vulnerable-app - Spring Boot web application vulnerable to Log4Shell (CVE-2021-44228) and the possible Spring RCE vulnerability.
spring-rce-war
CVE-2022-22965 - 🚀 Exploit for Spring core RCE in C [ wip ]