This is a python implemetation of Spring4Shell, CVE-2022-22963, affecting services running Spring Cloud Function <=3.1.6 (for 3.1.x) and <=3.2.2 (for 3.2.x)
Combination of multiple POCs online
Author: Randall Banner
Date: 17/04/23
Description: Script creates shell.sh in current directory, with a simple bash reverse shell one-liner. Then starts a webserver to serve it to the victim via wget (output in /dev/shm folder), next it makes shell.sh executable and finally runs it.
Don't forget to start Netcat before running script!