Skip to content

rive-n/SpringShell

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

3 Commits
src
src
 
 
.gitignore
.gitignore
 
 
Dockerfile
Dockerfile
 
 
README.md
README.md
 
 
exp.py
exp.py
 
 
exploit.pdf
exploit.pdf
 
 
poc.py
poc.py
 
 
pom.xml
pom.xml
 
 

Repository files navigation

SpringShell

Deploy

mvn package -> Will create .war file
docker build . -t spring -> Will create docker image
docker run --rm -d -p 8080:8080 --name spring spring:latest -> Will create container
docker build . -t spring && docker run --rm -d -p 8080:8080 --name spring spring:latest && sleep 5 && python3 poc.py -> Will create container and execute PoC

Results:

docker logs -f <container_id> or docker logs -f (docker ps -a -q)

deploy <Response [200]>
webshell <Response [404]>
webshell <Response [500]>
webshell http://localhost:8080/tomcatwar.jsp?cmd=whoami
root

Info:

https://github.com/rive-n/SpringShell/blob/master/exploit.pdf

About

No description, website, or topics provided.

Resources

Readme
Activity

Stars

3 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages