Home > Blockchain >  Spring4Shell detection without knowing spring, JDK version, or code
Spring4Shell detection without knowing spring, JDK version, or code

Time:06-09

I understand that popular exploits for Sping4Shell are performed by submitting HTTP POST requests with form data that attempts to get server-side data-binding code to alter a classLoader field. How do I construct this request?

CodePudding user response:

There are many GitHub projects, which maintain code for testing for those vulnerabilities. For example this one.

Study the source code and rebuild it in a language you fancy. Or use it out of the box. There are also solutions, which run in Docker, so no additional resources are needed.

Page link:https//www.codepudding.com/Blockchain/435511.html

Prev:How to load a request from file using curl or any other command and issue that request
Next:how to share axis in matplotlib and use only one equal aspect ratio
  • Related

About Us:  Contact Us      Terms of Service       Privacy Policy

Copyright © 2010-2023,Powered By CodePudding