๐ขSpring4Shell: CVE-2022-22965
Interactive lab for exploiting Spring4Shell (CVE-2022-22965) in the Java Spring Framework
Room Attributes | Value |
---|---|
Subscription Required | False [Free] |
Type | Walkthrough |
Difficulty | Info |
Tags | Spring4Shell, Vulnerability, RCE, Java, CVE-2022-22965 |
Task 1 - Info Introduction and Deploy
Deploy the target machine by clicking the green button at the top of this task!
Note: This machine will take 2-3 minutes to start up completely!
No answer needed
Task 2 - Tutorial Vulnerability Background
Read the task information and understand how Spring4Shell works at a high level.
No answer needed
Task 3 - Practical Exploitation
Follow the steps in the task to exploit Spring4Shell and obtain a webshell.
No answer needed
[Bonus Question: Optional] Use your webshell to obtain a reverse/bind shell on the target.
No answer needed
What is the flag in /root/flag.txt
?
/root/flag.txt
?Task 4 - Info Conclusion
I understand and can abuse Spring4Shell!
No answer needed
Last updated