A honeypot for the Spring4Shell vulnerability.
- Listen on various ports for Spring4Shell exploitation.
- Detect exploitation in request line and headers.
- Fetch this GitHub repository
git clone https://github.com/Thomasrgx/Spring4Pot.git
- Change directory into the local copy with
cd Spring4Pot
- Add execution permission to deply_spring4pot.sh:
chmod +x deploy_spring4pot.py
- Execute it:
sudo ./deploy_spring4pot.py
- Test if the server works properly:
curl http://localhost
If the honeypot is working, you should have a basic answer with a random ID generated. If not, try to run this command in /opt/Spring4Pot/:
$ sudo poetry run python3 spring4pot.py