pom.xml

<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
  <modelVersion>4.0.0</modelVersion>
  <groupId>com.afs.exploit</groupId>
  <artifactId>spring-break_cve-2017-8046</artifactId>
  <version>1.3</version>
  <name>spring-break_cve-2017-8046</name>
  <description>This is a Java program that exploits Spring Break vulnerability (CVE-2017-8046).</description>
  <properties>
    <maven.compiler.source>1.7</maven.compiler.source>
    <maven.compiler.target>1.7</maven.compiler.target>
  </properties>
  <build>
    <sourceDirectory>src/main/java</sourceDirectory>
    <plugins>
      <plugin>
        <artifactId>maven-compiler-plugin</artifactId>
        <version>3.1</version>
        <configuration>
          <source/>
          <target/>
        </configuration>
      </plugin>
      <plugin>
        <groupId>org.apache.maven.plugins</groupId>
        <artifactId>maven-assembly-plugin</artifactId>
        <executions>
          <execution>
            <phase>package</phase>
            <goals>
              <goal>single</goal>
            </goals>
            <configuration>
              <archive>
                <manifest>
                  <mainClass>com.afs.exploit.spring.SpringBreakCve20178046</mainClass>
                </manifest>
              </archive>
              <descriptorRefs>
                <descriptorRef>jar-with-dependencies</descriptorRef>
              </descriptorRefs>
            </configuration>
          </execution>
        </executions>
      </plugin>
    </plugins>
  </build>
  <dependencies>
    <dependency>
      <groupId>org.apache.httpcomponents</groupId>
      <artifactId>httpclient</artifactId>
      <version>4.5.5</version>
    </dependency>

      <!--
      This dependency is used for file-handling (uploads). But it's a tradeoff. The options are:
         a) write long and non-elegant filehandling-code manually without libraries and basic java-features
         b) write readable code, no library, but sacrifice compatibility by using Java-1.7+ file-handling features
         c) write short code, use this library and be Java-1.5+ compatible.
      Option C was chosen:
      -->
    <dependency>
      <groupId>commons-io</groupId>
      <artifactId>commons-io</artifactId>
      <version>2.6</version>
    </dependency>
  </dependencies>
  <url>https://github.com/m3ssap0/spring-break_cve-2017-8046</url>
</project>