DissiNL/Spring4Shell

Example of shell exploit

  1. Build Java:
     mvn package
  2. Build container:
     docker build -t tomcat-example .
  3. Run:
     docker run -d -p 8080:8080 tomcat-example
  4. Run Python attack:
     python exploit.py

Done!

Shell should be available at: http://localhost:8080/shell.jsp?cmd=id

Run with workaround

Setting the fix profile enables the controller advice defined in BinderControllerAdvice:

docker run -e "SPRING_PROFILES_ACTIVE=fix" -d -p 8080:8080 tomcat-example

If you now run the exploit (python exploit.py), it will not create the file shell.jsp.
Please beware that this is not a complete workaround until the actual issue is fixed.
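
A sketch of what a profile-gated binder advice of this kind can look like, added here as an example and not taken from this repository's BinderControllerAdvice source. The class name DenyClassBindingAdvice is hypothetical, the "fix" profile name is assumed from the docker command above, and the denylist patterns are the ones from Spring's published workaround guidance for this issue.

```java
import java.util.Arrays;
import java.util.LinkedHashSet;
import java.util.Set;

import org.springframework.context.annotation.Profile;
import org.springframework.core.Ordered;
import org.springframework.core.annotation.Order;
import org.springframework.web.bind.WebDataBinder;
import org.springframework.web.bind.annotation.ControllerAdvice;
import org.springframework.web.bind.annotation.InitBinder;

// Hypothetical class name; the repository's own advice is BinderControllerAdvice.
@ControllerAdvice
@Profile("fix") // assumption: only registered when SPRING_PROFILES_ACTIVE=fix
@Order(Ordered.LOWEST_PRECEDENCE)
public class DenyClassBindingAdvice {

    // Field patterns that must never be bound from request parameters:
    // anything reached through an object's "class" property.
    private static final String[] DENYLIST = {
        "class.*", "Class.*", "*.class.*", "*.Class.*"
    };

    // Runs for every WebDataBinder created for a controller method argument.
    @InitBinder
    public void denyClassFields(WebDataBinder binder) {
        // Keep any patterns already configured on this binder and add ours,
        // since setDisallowedFields replaces the whole list.
        Set<String> merged = new LinkedHashSet<>();
        String[] existing = binder.getDisallowedFields();
        if (existing != null) {
            merged.addAll(Arrays.asList(existing));
        }
        merged.addAll(Arrays.asList(DENYLIST));
        binder.setDisallowedFields(merged.toArray(new String[0]));
    }
}
```

A controller that calls setDisallowedFields in its own @InitBinder method replaces this list for that controller, which is one way a denylist like this can end up incomplete.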

About

Example for SpringForShell examples
