đąSpring4Shell: CVE-2022-22965
Interactive lab for exploiting Spring4Shell (CVE-2022-22965) in the Java Spring Framework
Room Attributes
Value
Subscription Required
False [Free]
Type
Walkthrough
Difficulty
Info
Tags
Spring4Shell, Vulnerability, RCE, Java, CVE-2022-22965
Task 1 - Info Introduction and Deploy
Deploy the target machine by clicking the green button at the top of this task!
No answer needed
Task 2 - Tutorial Vulnerability Background
Read the task information and understand how Spring4Shell works at a high level.
No answer needed
Task 3 - Practical Exploitation
Follow the steps in the task to exploit Spring4Shell and obtain a webshell.
No answer needed
[Bonus Question: Optional] Use your webshell to obtain a reverse/bind shell on the target.
No answer needed
What is the flag in /root/flag.txt
?
/root/flag.txt
?Task 4 - Info Conclusion
I understand and can abuse Spring4Shell!
No answer needed
Last updated