diff --git a/README.md b/README.md index a5506dd..b74b770 100644 --- a/README.md +++ b/README.md @@ -4,7 +4,7 @@ ![Docker Build](https://github.com/BobTheShoplifter/Spring4Shell-POC/actions/workflows/docker-publish.yml/badge.svg) ![Docker App Build](https://github.com/BobTheShoplifter/Spring4Shell-POC/actions/workflows/app-docker-publish.yml/badge.svg) ![Stars](https://img.shields.io/github/stars/BobTheShoplifter/Spring4Shell-POC?style=social) ![Docker Run](https://img.shields.io/github/followers/BobTheShoplifter?label=Follow&style=social) -Spring4Shell (CVE-2022-22965) Proof Of Concept/Information + A vulnerable Tomcat server with a vulnerable spring4shell application. +Spring4Shell (CVE-2022-22965) Proof Of Concept/Information + [A vulnerable Tomcat server with a vulnerable spring4shell application.](vulnerable-tomcat/) Early this morning, multiple sources has informed of a possible RCE exploit in the popular java framework spring. @@ -12,25 +12,21 @@ The naming of this flaw is based on the similarities to the infamous Log4j LOG4S ## Details about this vulnerability -- [https://www.cyberkendra.com/2022/03/springshell-rce-0-day-vulnerability.html](https://www.cyberkendra.com/2022/03/springshell-rce-0-day-vulnerability.html) -- [https://bugalert.org/content/notices/2022-03-29-spring.html](https://bugalert.org/content/notices/2022-03-29-spring.html) - [https://websecured.io/blog/624411cf775ad17d72274d16/spring4shell-poc](https://websecured.io/blog/624411cf775ad17d72274d16/spring4shell-poc) - [https://www.springcloud.io/post/2022-03/spring-0day-vulnerability](https://www.springcloud.io/post/2022-03/spring-0day-vulnerability) - [https://spring.io/blog/2022/03/31/spring-framework-rce-early-announcement](https://spring.io/blog/2022/03/31/spring-framework-rce-early-announcement) -## Vulnerable Tomcat server - -I have now made a docker image for this, which includes a vulnerable spring + tomcat application. +## POC Usage -The application should be enough to test this vulnerability. +The usage is simple! You can either run the docker image, or just run the python script! -[Please see (vulnerable-tomcat/README.md)](vulnerable-tomcat/README.md) +Please see vulnerable-tomcat for inscructions on setting up your own spring4shell vulnerable application [here!](vulnerable-tomcat/) -## Requirements +### Requirements -- Python3 Or Docker +- Python3 or [Docker](https://hub.docker.com/r/bobtheshoplifter/spring4shell-poc) -## Usage +### Python ```python pip install -r requirements.txt @@ -39,9 +35,12 @@ poc.py --help ![image](https://user-images.githubusercontent.com/22559547/161398549-05d279b2-51d6-49fb-9245-018747606321.png) +### Docker + ```sh +## Dockerhub docker pull bobtheshoplifter/spring4shell-poc:latest -docker run ghcr.io/bobtheshoplifter/spring4shell-poc:main --url https://example.io/ +docker run bobtheshoplifter/spring4shell-poc:latest --url https://example.io/ ## Github docker repository docker pull ghcr.io/bobtheshoplifter/spring4shell-poc:main docker run ghcr.io/bobtheshoplifter/spring4shell-poc:main --url https://example.io/ @@ -49,6 +48,14 @@ docker run ghcr.io/bobtheshoplifter/spring4shell-poc:main --url https://example. ![image](https://user-images.githubusercontent.com/22559547/161400099-fb6c4f02-9d48-457a-8c91-041a9a8438b7.png) +## Vulnerable Tomcat server + +I have now made a docker image for this, which includes a vulnerable spring + tomcat application. + +The application should be enough to test this vulnerability. + +[Please see (vulnerable-tomcat/README.md)](vulnerable-tomcat/README.md) + ## Mitigations !!(The following mitigations are only theoretical as nothing has been confirmed)!!