top circles
Spring4Shell POC: Spring core 0-Day RCE exploit
Daniel Christensen
March 30th, 2022
An estimated 2 min read

Oh no, here we go again

This exploit has not been confirmed yet, and comes from unknown sources

Spring4Shell Proof Of Concept/Information

My Poc: https://github.com/BobTheShoplifter/Spring4Shell-POC

Original Poc: https://github.com/craig/SpringCore0day/blob/main/exp.py

Details

Early this morning, multiple sources has informed of a possible RCE exploit in the popular java framework spring.

The naming of this flaw is based on the similarities to the infamous Log4j LOG4Shell. No POC has been shared for the time being

POC

Files: https://github.com/BobTheShoplifter/Spring4Shell-POC

CVE

Mitigations

(The following mitigations are only theoretical as nothing has been confirmed)

JDK Version under 9

Cyberkendra informed that JDK versions lower than JDK 9

You can easily check this by running

java -version

That will display something similar to this


openjdk version "17.0.2" 2022-01-18
OpenJDK Runtime Environment (build 17.0.2+8-Ubuntu-120.04)
OpenJDK 64-Bit Server VM (build 17.0.2+8-Ubuntu-120.04, mixed mode, sharing)

If your JDK version is under 8, you might be safe, but nothing is confirmed yet

Check if you are using the spring framework

Do a global search after "spring-beans-*.jar" and "spring*.jar"

find . -name spring-beans*.jar

The following article will be updated

Share this article
bottom circles