spring-rce-poc

Testing CVE-2022-22968
Simple app vulnerable to CVE-2022-22968

Dockerfile could be used to build it on vulnerable version of Tomcat (9.0.59)
exploit.sh is a shell script which is trying to exploit this cve on 8080 port of localhost

If attack with exploit.sh was succesfull, on context of http://localhost:8080/shell.jsp on a target app should be accessible
simple JSP website with basic webshell.

Name		Name	Last commit message	Last commit date
Latest commit History 3 Commits
src/main		src/main
Dockerfile		Dockerfile
README.md		README.md
exploit.sh		exploit.sh
pom.xml		pom.xml
run.sh		run.sh

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

spring-rce-poc

About

Releases

Packages

Languages

MarcinGadz/spring-rce-poc

Folders and files

Latest commit

History

Repository files navigation

spring-rce-poc

About

Resources

Stars

Watchers

Forks

Releases

Packages 0

Languages

Packages