# Spring Cloud Function Vulnerability (CVE-2022-22963) RCE
This is a python implemetation of Spring4Shell, CVE-2022-22963, 
affecting services running Spring Cloud Function <=3.1.6 (for 3.1.x) 
and <=3.2.2 (for 3.2.x)

Combination of multiple POCs online

Author: Randall Banner

Date: 17/04/23

Script creates in current directory, with a simple bash reverse shell
one-liner. Then starts a webserver to serve it to the victim via wget (output in 
/dev/shm folder), next it makes executable and finally runs it.

Don't forget to start Netcat before running script!