Spring4Shell-POC
Spring4Shell-POC
Spring4Shell-POC | Spring4Shell-POC | |
---|---|---|
1 | 6 | |
103 | 348 | |
0.0% | - | |
0.0 | 0.0 | |
almost 2 years ago | over 1 year ago | |
Python | Python | |
- | - |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Spring4Shell-POC
-
Spring4Shell: An Application Vulnerable to RCE
The amazing group of members at Lunasec developed a Java Web Application that is vulnerable to the Spring4Shell vulnerability (CVE-2022-22965), The Application is dockerized so that it can be easily implemented, The Application was built based on the tutorials provided on the official Documentation of Spring for Form Handling. Github Link: https://github.com/lunasec-io/Spring4Shell-POC
Spring4Shell-POC
-
help needed
Hey guys, I'm rewriting this poc for spring4shell in c .
- A Java Springcore RCE 0day exploit has been leaked. It was leaked by a Chinese security researcher who, since sharing and/or leaking it, has deleted their Twitter account.
-
Spring4Shell Details and Exploit code leaked
It's quite trivial to build a working POC using the steps at https://github.com/BobTheShoplifter/Spring4Shell-POC
-
Spring4Shell: 0-day RCE on Spring Core
I have tried all the steps in the referenced PDF and lunasec link. I also went to https://github.com/BobTheShoplifter/Spring4Shell-POC and tried poc.py - no success. I am not able to reproduce it on Spring Boot 2.6.4 with java 11.
-
SpringShell: Spring Core RCE 0-day Vulnerability
Created a repo for the issue, https://github.com/BobTheShoplifter/Spring4Shell-POC ill update it as we explore the issue
What are some alternatives?
nuclei-templates - Community curated list of templates for the nuclei engine to find security vulnerabilities.
Spring - Spring Framework
UnSAFE_Bank - Vulnerable Banking Suite
SpringShell - Spring4Shell - Spring Core RCE - CVE-2022-22965
Spring4Shell-Detection - Lazy SPL to detect Spring4Shell exploitation
spring-rce-vulnerable-app - Spring Boot web application vulnerable to Log4Shell (CVE-2021-44228) and the possible Spring RCE vulnerability.
VAmPI - Vulnerable REST API with OWASP top 10 vulnerabilities for security testing
SpringCore0day - SpringCore0day from https://share.vx-underground.org/ & some additional links
CVE-2022-22965 - 🚀 Exploit for Spring core RCE in C [ wip ]
spring-rce-war
springcore-0day-en - Everything I needed to understand what was going on with "Spring4Shell" - translated source materials, exploit, links to demo apps, and more.