Spring4Shell (CVE-2022-22965) Practical Exploitation walkthrough & Webshell to reverse shell [THM]

CTF Security

news technology framework java jsp mvc reverse server shell spring4shell tomcat tryhackme war webshell

description

This video will provide a practical overview of the Spring4Shell RCE vulnerability in Spring Core, as well as guide you on how to exploit it yourself in the vulnerable machine.

Spring4Shell (CVE-2022-22965) A flaw found in Spring Framework, specifically within two modules called Spring MVC and Spring WebFlux, (transitively affected from Spring Beans), using parameter data binding. This flaw allows an attacker to pass specially-constructed malicious requests to certain parameters and possibly gain access to normally-restricted functionality within the Java Virtual Machine.

Let's begin!

Mitigation For those who are not able to upgrade affected Spring classes to the fixed versions, there is a workaround customers can implement for their applications, via setting disallowed fields on the data binder, and denying various iterations of the string "class.*"

For full implementation details, see Spring's early announcement post in the "suggested workarounds" section: https://spring.io/blog/2022/03/31/spring-framework-rce-early-announcement#suggested-workarounds

Bash reverse shell https://pentestmonkey.net/cheat-sheet/shells/reverse-shell-cheat-sheet

ROOM Spring4Shell: CVE-2022-22965 https://tryhackme.com/room/spring4shell

Subscribe https://m.youtube.com/channel/UCMq4uUwcWnYgfe3z5w3Kt7A/

Connect with me across various interactive platforms for a dynamic and connected experience.

🔗Discord: https://discord.com/invite/7Kq5hdyJYZ

🔗 Social Media: X (twitter) : @r007User Facebook : https://www.facebook.com/ctfsec

📺 Twitch https://www.twitch.tv/ctfsec

🌐 Website: https://r007us3r.github.io/

🎥 YouTube Channels: https://youtube.com/@ctf-sec

📧 Business Inquiries: ctfsec001@gmail.com

👇 Other Links: https://t.me/+VpUp7BxquVqLSEe5

Support me [+] Buymeacoffee https://paystack.com/pay/r007

FOLLOW | LIKE | SUBSCRIBE | SHARE

00:00 Introduction 01:11 Recon 01:58 Downloading exploit 04:20 Setting up exploit file 08:50 Gaining webshell 10:54 Converting webshell to reverse shell 11:07 Creating a bash reverse shell script 13:46 Getting bash script to target Machine 18:03 Executing reverse shell 21:31 Getting /root/flag.txt 22:12 Thank you

#Spring4Shell #Tryhackme #CVE2022-22965 #Server #Apache #JDK #Log4shell #RCE #Tryhackme #Infosec #EthicalHacker #python #Exploit #bash #script #Nigeria #cybermux #webshell #2022 #New #Trending #Cybersecurity #Burpsuite #Tomcat #Hackthebox #htb #thm #Log4j #URLencoding #proxy ... https://www.youtube.com/watch?v=aWxG66BXlqU

created

2024-07-24

staked

0.0 LBC

license

Copyrighted (contact publisher)

File size

94879790 Bytes