Spring4Shell-POC : Dockerized Spring4Shell (CVE-2022-22965) PoC Application And Exploit

Spring4Shell-POC is a dockerized application that is vulnerable to the Spring4Shell vulnerability (CVE-2022-22965). Full Java source for the war is provided and modifiable, the war will get re-built whenever the docker image is built. The built WAR will then be loaded by Tomcat. There is nothing special about this application, it’s a simple hello world that’s based off Spring tutorials.

Requirements

• Docker
• Python3 + requests library

Instructions

• Clone the repository
• Build and run the container: docker build . -t spring4shell && docker run -p 8080:8080 spring4shell
• App should now be available at http://localhost:8080/helloworld/greeting
• Run the exploit.py script: python exploit.py --url "http://localhost:8080/helloworld/greeting"
• Visit the created webshell! Modify the cmd GET parameter for your commands. (http://localhost:8080/shell.jsp by default)