关联漏洞
Description
A little demonstration of cve-2021-41773 on httpd docker containers
介绍
# CVE-2021-41773
A Demonstration to show the CVE-2021-41773 vulnerability on a docker container.
## Usage
### Server
- run build.sh(runs docker build)
```bash
./scripts/build.sh
```
> NOTE: No need to do it more than once
- run deploy.sh (creates a docker container with the image from `build.sh`)
```bash
./scripts/deploy.sh
```
to close the container run the following command:
```bash
docker rm --force cve-2021-41773
```
### Demonstrating the exploit
#### using bash:
```bash
./scripts/exploit.sh
```
#### using postman:
- import the `CVE-2021-41773.postman_collection.json` collection to your postman and have fun.
文件快照
[4.0K] /data/pocs/0f602bb00bd3b6e8595d85192c55dba804da5502
├── [ 798] CVE-2021-41773.postman_collection.json
├── [ 160] Dockerfile
├── [ 20K] httpd.conf
├── [ 11K] LICENSE
├── [ 636] README.md
└── [4.0K] scripts
├── [ 97] build.sh
├── [ 182] deploy.sh
└── [ 151] exploit.sh
1 directory, 8 files
备注
1. 建议优先通过来源进行访问。
2. 本地 POC 快照面向订阅用户开放;当原始来源失效或无法访问时,本地镜像作为订阅权益的一部分提供。
3. 持续抓取、验证、维护这份 POC 档案需要不少投入,因此本地快照已纳入付费订阅。您的订阅是让这份资料能继续走下去的关键,由衷感谢。 查看订阅方案 →