CVE-2022-22965 poc including reverse-shell support

Apr 03, 2022 1 min read

CVE-2022-22965 poc

CVE-2022-22965 poc including reverse-shell and password support. Feel free to add more stuff ?

How to test?

$ docker run -p 9090:8080 vulfocus/spring-core-rce-2022-03-29 # run vulnerable docker
$ python3 exploit.py -c id --password 1234 --shell_name big0us
$ python3 exploit.py --help # for more usages

Creditis

I refactored the code of the original exploit and add some features

Changes

reverse shell suport
password support
shell name support

GitHub

View Github

CVE

John was the first writer to have joined pythonawesome.com. He has since then inculcated very effective writing and reviewing culture at pythonawesome which rivals have found impossible to imitate.