Recently we heard an exploit about Spring4Shell like everyone else. We quickly built an incident on LetsDefend about it. Now, we are explaining how you can setup up a home lab yourself.
By the way, we have already built an incident about Spring4Shell. If you want to investigate it as an Incident Responder in SOC environment, just click the button below and register.
Firstly, we should install the vulnerable app about spring4shell. Already there is a docker image we can use.
Now, we are ready to attack this app.
Download the CVE-2022-22965 exploit code. Then run it.
Everything is ready for exploitation. Let's run the shell.
Basically, we explained how to build a vulnerable Spring4Shell lab for education purposes. Now, you are able to remote code execution on the target system (local system).
If you interested, there are other related posts: