https://github.com/aancw/spring4shell-poc-lab
PoC Lab for Spring4shell vulnerability
https://github.com/aancw/spring4shell-poc-lab
rustlang spring4shell springshell
Last synced: 2 months ago
JSON representation
PoC Lab for Spring4shell vulnerability
- Host: GitHub
- URL: https://github.com/aancw/spring4shell-poc-lab
- Owner: aancw
- License: mit
- Created: 2022-04-01T15:14:35.000Z (about 3 years ago)
- Default Branch: main
- Last Pushed: 2022-04-05T08:49:38.000Z (about 3 years ago)
- Last Synced: 2025-02-14T23:17:06.433Z (4 months ago)
- Topics: rustlang, spring4shell, springshell
- Language: Shell
- Homepage:
- Size: 15.9 MB
- Stars: 1
- Watchers: 2
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
# Spring4shell-poc-lab
PoC Lab for Spring4shell vulnerability.
## Requirements
- Docker
## Building the Lab
- Install docker
- Run the bash script
```bash
sh deploy.sh
```
- Wait until container is up
- Happy hacking!
## Detail Informations
- https://www.cyberkendra.com/2022/03/springshell-rce-0-day-vulnerability.html
- https://www.springcloud.io/post/2022-03/spring-0day-vulnerability/#gsc.tab=0
- https://www.praetorian.com/blog/spring-core-jdk9-rce/
## Spring Patch
- https://github.com/spring-projects/spring-framework/commit/7f7fb58dd0dae86d22268a4b59ac7c72a6c22529
## Acknowledgment
- Thank you to Retrospected for the .war file https://github.com/Retrospected/spring-rce-poc