Statement: This POC&EXP is only for learning, and all illegal operations are prohibited. If malicious damage is done, it has nothing to do with me! ! !
Spring-cloud-function-SpEL-RCE batch detection script, rebound shell script
- Batch detection script:
usage:
python Spel_RCE_POC.py url.txt
Add thread, the effect masters self-test, if it is easy to use, the masters will give a star, welcome to pay attention to the Chaosec official account
- Rebound shell:
Bounce shell script
usage:
python Spel_RCE_Bash_EXP.py url lhost lport
