├── README.md
└── typora-img
    └── README
        ├── gzh.png
        ├── image-20240206162225924.png
        ├── image-20240206162356049.png
        ├── image-20240206162527190.png
        ├── image-20240206163122582.png
        ├── image-20240206163709925.png
        ├── image-20240206163950156.png
        └── image-20240206164053611.png


/README.md:
--------------------------------------------------------------------------------
 1 | # SpringExploitGUI_v1.0
 2 | 
 3 | ### 0x01 前言
 4 | 
 5 | ​		今天复现了几个spring之前的漏洞，顺手就武器化了下，工具目前支持Spring Cloud Gateway RCE(CVE-2022-22947)、Spring Cloud Function SpEL RCE (CVE-2022-22963)、Spring Framework RCE (CVE-2022-22965) 的检测以及利用，目前仅为第一个版本，后续会添加更多漏洞POC，以及更多的持久化利用方式
 6 | 
 7 | 
 8 | 
 9 | ### 0x02 工具使用说明
10 | 
11 | **单个检测&&批量检测**
12 | 
13 | 工具支持单个漏洞单个目标检测，也支持多个目标检测
14 | 
15 | ![image-20240206162527190](./typora-img/README/image-20240206162527190.png)
16 | 
17 | ![image-20240206163950156](./typora-img/README/image-20240206163950156.png)
18 | 
19 | ![image-20240206162356049](./typora-img/README/image-20240206162356049.png)
20 | 
21 | **漏洞利用**
22 | 
23 | Spring Cloud Gateway RCE(CVE-2022-22947) 目前支持命令执行、一键反弹shell、哥斯拉内存马注入
24 | 
25 | ![image-20240206163122582](./typora-img/README/image-20240206163122582.png)
26 | 
27 | ![image-20240206163709925](./typora-img/README/image-20240206163709925.png)
28 | 
29 | Spring Cloud Function SpEL RCE (CVE-2022-22963)目前支持一键反弹shell
30 | 
31 | ![image-20240206164053611](./typora-img/README/image-20240206164053611.png)
32 | 
33 | 
34 | 
35 | Spring Framework RCE (CVE-2022-22965) 目前支持命令执行，通过写入webshell实现的，后续会继续实现写入ssh公钥、计划任务等利用方式
36 | 
37 | ![image-20240206162225924](./typora-img/README/image-20240206162225924.png)
38 | 
39 | 
40 | 
41 | ### 0x03 免责声明
42 | 
43 | 该开源工具是由作者按照开源许可证发布的，仅供个人学习和研究使用。作者不对您使用该工具所产生的任何后果负任何法律责任。
44 | 
45 | ![gzh](./typora-img/README/gzh.png)
46 | 


--------------------------------------------------------------------------------
/typora-img/README/gzh.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/charonlight/SpringExploitGUI/77aa96fde8274ab46eb1c1df240cee999b0d7f63/typora-img/README/gzh.png


--------------------------------------------------------------------------------
/typora-img/README/image-20240206162225924.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/charonlight/SpringExploitGUI/77aa96fde8274ab46eb1c1df240cee999b0d7f63/typora-img/README/image-20240206162225924.png


--------------------------------------------------------------------------------
/typora-img/README/image-20240206162356049.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/charonlight/SpringExploitGUI/77aa96fde8274ab46eb1c1df240cee999b0d7f63/typora-img/README/image-20240206162356049.png


--------------------------------------------------------------------------------
/typora-img/README/image-20240206162527190.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/charonlight/SpringExploitGUI/77aa96fde8274ab46eb1c1df240cee999b0d7f63/typora-img/README/image-20240206162527190.png


--------------------------------------------------------------------------------
/typora-img/README/image-20240206163122582.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/charonlight/SpringExploitGUI/77aa96fde8274ab46eb1c1df240cee999b0d7f63/typora-img/README/image-20240206163122582.png


--------------------------------------------------------------------------------
/typora-img/README/image-20240206163709925.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/charonlight/SpringExploitGUI/77aa96fde8274ab46eb1c1df240cee999b0d7f63/typora-img/README/image-20240206163709925.png


--------------------------------------------------------------------------------
/typora-img/README/image-20240206163950156.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/charonlight/SpringExploitGUI/77aa96fde8274ab46eb1c1df240cee999b0d7f63/typora-img/README/image-20240206163950156.png


--------------------------------------------------------------------------------
/typora-img/README/image-20240206164053611.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/charonlight/SpringExploitGUI/77aa96fde8274ab46eb1c1df240cee999b0d7f63/typora-img/README/image-20240206164053611.png


--------------------------------------------------------------------------------