## https://sploitus.com/exploit?id=91C0D03D-8468-59A7-B3B7-F6B118A62FFB
# CVE-2022-22965-spring4shell
CVE-2022-22965 Spring4Shell research & PoC for learning purposes
## Blog post
A more detailed analysis and explanation of the vulnerability can be found on my [blog post](https://medium.com/@cxzero/spring4shell-cve-2022-22965-vulnerability-analysis-and-exploitation-fae244dfd3eb).
## Comments on initial research
Based on the initial research I did on https://github.com/GuayoyoCyber/CVE-2022-22965 with these additions:
- modifications on HelloWorld class and helloworld.jsp for a better understanding of the vulnerability
- added Apache Tomcat 9.0.60 embed library dependency for debugging purposes
## Compilation
```
sudo apt install maven
mvn clean package
```
Apache Tomcat 9.0.60 can be downloaded from https://archive.apache.org/dist/tomcat/tomcat-9/v9.0.60/bin/apache-tomcat-9.0.60.zip
Smart Tomcat IntelliJ plugin can be used to speed up running and debugging: https://plugins.jetbrains.com/plugin/9492-smart-tomcat
## Docker
```
sudo docker build -t spring4shell .
```
or
```
sudo docker build -t spring4shell -f Dockerfile2 .
```
```
sudo docker run -p 8082:8080 spring4shell
```
## References
- https://medium.com/@cxzero/spring4shell-cve-2022-22965-vulnerability-analysis-and-exploitation-fae244dfd3eb
- http://blog.o0o.nu/2010/06/cve-2010-1622.html
- https://mp.weixin.qq.com/s/kgw-O4Hsd9r2vfme3Y2Ynw
- https://www.microsoft.com/security/blog/2022/04/04/springshell-rce-vulnerability-guidance-for-protecting-against-and-detecting-cve-2022-22965/
- https://www.lunasec.io/docs/blog/spring-rce-vulnerabilities/
- https://unit42.paloaltonetworks.com/cve-2022-22965-springshell/