Demo-Exploit-Jackson-RCE
Demo-Exploit-Jackson-RCE copied to clipboard

Published 20 hours ago •

→

Metadata

Exploiting CVE-2017-7525 demo project with Angular7 frontend and Spring.

Readme
Issues

Demo-Exploit-Jackson-RCE

Based on the project jackson-rce-via-spel this project serves as an example web application to test multiple attack vectors (file upload, forms) on the Jackson-databind vulnerability.

Introduction

Based on an Angular7 frontend and a spring-boot backend different attack vectors can be tested and the results visualized and checked.

Build

Build and package spring boot and angular7 into a deployable war file.

mvn package

Run

Which automatically opens a web browser at http://localhost:4200.

backend/mvn spring-boot:run

Screenshots

Recording of exploting an file upload

Recording of exploting an user creation form

About

Exploiting CVE-2017-7525 demo project with Angular7 frontend and Spring.

16

Stars

5

Forks

Watchers

Owner

JavanXD

← Metadata

16

Stars

5

Forks

Watchers

Owner

JavanXD

Metadata

Exploiting CVE-2017-7525 demo project with Angular7 frontend and Spring.

Back

Demo-Exploit-Jackson-RCE Demo-Exploit-Jackson-RCE copied to clipboard

Metadata

Demo-Exploit-Jackson-RCE

Introduction

Build

Run

Screenshots

← Metadata

Owner

Metadata

Demo-Exploit-Jackson-RCE
Demo-Exploit-Jackson-RCE copied to clipboard