MCPcopy Index your code
hub / github.com/colincowie/Safer_PoC_CVE-2022-22965

github.com/colincowie/Safer_PoC_CVE-2022-22965 @main

Chat with this repo
repository ↗ · DeepWiki ↗ · + Follow
2 symbols 8 edges 1 files 0 documented · 0% updated 4y ago★ 441 open issues
What it actually does AI analysis from the code graph — generated when you open this
loading…
README

Safer_PoC_CVE-2022-22965

A Safer PoC for CVE-2022-22965 (Spring4Shell)

Functionality

  • Creates a file called CVE_2022-22965_exploited.txt in the tomcat directory 'webapps/ROOT'
  • Option user argument to change the output directory
  • Exploit validation is performed by requesting the output .txt file, depending on your tomcat configuration this may require manual review.
  • Additional verification added to check the content of the returned document; some web servers return an error page with HTTP status 200

Usage

usage: Safer_PoC_CVE-2022-22965.py [-h] --url URL [--dir DIR]

CVE-2022-22965 Spring-Core remote code execution POC

optional arguments:
  -h, --help  show this help message and exit
  --url URL   target url
  --dir DIR   directory to write the result (default is "webapps")

Example: python3 Safer_PoC_CVE-2022-22965.py --url http://localhost:8080/handling-form-submission-complete/greeting --dir "webapps/handling-form-submission-complete"

Output File

File Name: CVE_2022_22965_exploited.txt

File Contents: Warning, CVE_2022_22965 was sucessfully exploited on this device. reference: https://spring.io/blog/2022/03/31/spring-framework-rce-early-announcement

Core symbols most depended-on inside this repo

Shape

Function 2

Languages

Python100%

Modules by API surface

Safer_PoC_CVE-2022-22965.py2 symbols

For agents

$ claude mcp add Safer_PoC_CVE-2022-22965 \
  -- python -m otcore.mcp_server <graph>

⬇ download graph artifact

Ask about this repo answers extend the page