Apache HTTP Server 2.4.50 - RCE Lab
exploit.sh :- https://github.com/jas9reet/CVE-2021-42013-LAB/blob/main/exploit.sh
Usage
-
docker pull jas9reet/cve-2021-42013-lab
-
docker run -dit -p 8088:80 jas9reet/cve-2021-42013-lab
Vulnerable Application Access
- VICTIM-IP-ADDRESS:8088
Exploitation Commands
- bash exploit.sh -u http://victim-ip:8088 -c "whoami"