{"id":15180671,"url":"https://github.com/0x727/springbootexploit","last_synced_at":"2025-10-01T22:31:23.285Z","repository":{"id":37760086,"uuid":"419950117","full_name":"0x727/SpringBootExploit","owner":"0x727","description":"The project is written from the LandGrey/SpringBootVulExploit checklist; its purpose is to exploit vulnerabilities quickly during hvv and to lower the barrier to exploitation.","archived":true,"fork":false,"pushed_at":"2024-01-15T07:19:09.000Z","size":149,"stargazers_count":1821,"open_issues_count":17,"forks_count":311,"subscribers_count":23,"default_branch":"main","last_synced_at":"2024-11-21T14:38:43.537Z","etag":null,"topics":["exp","exploit","spring","springboot","vul","vulnerability"],"latest_commit_sha":null,"homepage":"","language":"Java","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/0x727.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2021-10-22T03:11:17.000Z","updated_at":"2024-11-21T08:11:20.000Z","dependencies_parsed_at":"2024-11-28T04:45:28.030Z","dependency_job_id":null,"html_url":"https://github.com/0x727/SpringBootExploit","commit_stats":{"total_commits":39,"total_committers":3,"mean_commits":13.0,"dds":"0.23076923076923073","last_synced_commit":"2a56ec19ee2c69195bbe7ee950cb9c78f60463ac"},"previous_names":[],"tags_count":3,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/0x727%2FSpringBootExploit","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/0x727%2FSpringBootExploit/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/0x727%2FSpringBootExploit/releases","manifests_url":"ht
tps://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/0x727%2FSpringBootExploit/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/0x727","download_url":"https://codeload.github.com/0x727/SpringBootExploit/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":234908967,"owners_count":18905500,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["exp","exploit","spring","springboot","vul","vulnerability"],"created_at":"2024-09-27T16:41:35.495Z","updated_at":"2025-10-01T22:31:22.905Z","avatar_url":"https://github.com/0x727.png","language":"Java","readme":"\u003ch1 align=\"center\" \u003eSpringBootExploit\u003c/h1\u003e\n\u003ch3 align=\"center\" \u003eA tool for quick vulnerability exploitation against the SpringBootEnv page\u003c/h3\u003e\n \u003cp align=\"center\"\u003e\n    \u003ca href=\"https://github.com/0x727/SpringBootExploit\"\u003e\u003c/a\u003e\n    \u003ca href=\"https://github.com/0x727/SpringBootExploit\"\u003e\u003cimg alt=\"SpringBootExploit\" src=\"https://img.shields.io/badge/SpringBootExploit-green\"\u003e\u003c/a\u003e\n    \u003ca href=\"https://github.com/0x727/SpringBootExploit\"\u003e\u003cimg alt=\"Forks\" src=\"https://img.shields.io/github/forks/0x727/SpringBootExploit\"\u003e\u003c/a\u003e\n     \u003ca href=\"https://github.com/0x727/SpringBootExploit\"\u003e\u003cimg alt=\"Release\" src=\"https://img.shields.io/github/release/0x727/SpringBootExploit.svg\"\u003e\u003c/a\u003e\n  \u003ca href=\"https://github.com/0x727/SpringBootExploit\"\u003e\u003cimg alt=\"Stars\" 
src=\"https://img.shields.io/github/stars/0x727/SpringBootExploit.svg?style=social\u0026label=Stars\"\u003e\u003c/a\u003e\n     \u003ca href=\"https://github.com/SummerSec\"\u003e\u003cimg alt=\"Follower\" src=\"https://img.shields.io/github/followers/SummerSec.svg?style=social\u0026label=Follow\"\u003e\u003c/a\u003e\n     \u003ca href=\"https://github.com/SummerSec\"\u003e\u003cimg alt=\"Visitor\" src=\"https://visitor-badge.laobi.icu/badge?page_id=SummerSec.SpringBootExploit\"\u003e\u003c/a\u003e\n\t\u003ca href=\"https://twitter.com/SecSummers\"\u003e\u003cimg alt=\"SecSummers\" src=\"https://img.shields.io/twitter/follow/SecSummers.svg\"\u003e\u003c/a\u003e\n\t\u003ca xmlns=\"http://www.w3.org/2000/svg\" xmlns:xlink=\"http://www.w3.org/1999/xlink\" xlink:href=\"https://visitor-badge.laobi.icu\"\u003e\u003crect fill=\"rgba(0,0,0,0)\" height=\"20\" width=\"49.6\"/\u003e\u003c/a\u003e\n\t\u003ca xmlns=\"http://www.w3.org/2000/svg\" xmlns:xlink=\"http://www.w3.org/1999/xlink\" xlink:href=\"https://visitor-badge.laobi.icu\"\u003e\u003crect fill=\"rgba(0,0,0,0)\" height=\"20\" width=\"17.0\" x=\"49.6\"/\u003e\u003c/a\u003e\n\t\u003c/p\u003e\n\n\n\n\n\n## 📝 TODO\n\n* Support Eureka XStream deserialization RCE\n* Support Fastjson memory shell injection\n* Support more deserialization vulnerabilities that can use JNDI memory shell injection\n* Support changing the memory shell path and password\n\n........\n\n\n\n\n----\n\n## :dragon:Background\n\nThe project is written from the [Spring Boot Vulnerability Exploit Check List](https://github.com/LandGrey/SpringBootVulExploit) checklist; its purpose is to exploit vulnerabilities quickly during hvv and to lower the barrier to exploitation.\n\n\n\n----\n\n\n\n##  :zap: Download and Installation\n\n1. Download the latest Spring Boot Exploit archive from [releases](https://github.com/0x727/SpringBootExploit/releases) and use it together with [JNDIExploit](https://github.com/0x727/JNDIExploit). (:star:recommended)\n2. \n    1. git clone https://github.com/0x727/SpringBootExploit \n    2. git clone https://github.com/0x727/JNDIExploit (not currently open to the public)\n    3. mvn clean package -DskipTests to build the SpringBootExploit and JNDIExploit packages separately\n\n\n\n----\n\n## :clapper:Usage\n\n1. First upload the packaged JNDIExploit tool to the server and unzip it. Start it with the command java -jar JNDIExploit-1.2-SNAPSHOT.jar \n2. 
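Enter the target address and the configuration server address, then click Connect. The screen shown in the figure below means the connection succeeded.\n\n\n\n![image](https://user-images.githubusercontent.com/47944478/200214227-e6c61ef1-6068-4553-a083-0c2d203591b1.png)\n\n3. Exploitation\n\n    It is recommended to click Check Environment first, which automatically determines whether a vulnerability exists. The verification method is the one from the Check list; if you have a better method, open an issue and it will be considered for addition.\n\n    ![image](https://user-images.githubusercontent.com/47944478/200214192-796332cf-fd56-4f30-b624-e17d2137aa8c.png)\n\n\n    4. Exploitation; currently only memory shell injection is supported\n\n    ![image-20210812110245884](https://gitee.com/samny/images/raw/master/summersec//45u02er45ec/45u02er45ec.png)\n![image](https://user-images.githubusercontent.com/47944478/200214251-03571a05-ae55-47be-88b6-00cd5de4a737.png)\n\n\n\n\n\n---\n\n## :b:Disclaimer\n\nThis tool is intended only for security self-inspection and testing.\n\nAny direct or indirect consequences and losses caused by spreading or using the information provided by this tool are the sole responsibility of the user; the author assumes no responsibility for them.\n\nI reserve the right to modify and interpret this tool. Without permission from the network security authorities and relevant departments, this tool must not be used for any attack activity, nor used for commercial purposes in any way.\n\n\n\n----\n\n\n\n## :book: Reference Projects\n\nhttps://github.com/woodpecker-appstore/springboot-vuldb\n\n\n\n---\n\n![as](https://starchart.cc/0x727/SpringBootExploit.svg)\n\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2F0x727%2Fspringbootexploit","html_url":"https://awesome.ecosyste.ms/projects/github.com%2F0x727%2Fspringbootexploit","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2F0x727%2Fspringbootexploit/lists"}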