Govware 2019 Exploit Demos

Intro

This repository attempts to implement the following exploits for Govware 2019:

Oracle WebLogic Server CVE-2019-2725
Docker Runc CVE-2019-5736 with docker containers.

Setup

Prequisites for all exploits:

Install docker and docker-compose

Instructions for Running demos:

Change directory to exploit (see Project Structure)

cd <exploit dir>

Download docker images

docker-compose pull

Bring up the stack

docker-compose up

On another terminal, access the attacker machine using:

docker-compose exec attacker

Exploit

Project Structure

The project is structured as follows:

weblogic/ - A Oracle WebLogic Server CVE-2019-2725
- containers/ - containers used in the exploit
  - attacker/ - attacker container
  - victim/ - victim container
docker/ - Docker Runc CVE-2019-5736
- containers/ - containers used in the exploit
  - attacker/ - attacker container
  - victim/ - victim container

Name		Name	Last commit message	Last commit date
Latest commit History 7 Commits
docker		docker
weblogic		weblogic
.gitignore		.gitignore
LICENSE		LICENSE
README.md		README.md

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

docker

docker

weblogic

weblogic

.gitignore

.gitignore

LICENSE

LICENSE

README.md

README.md

Repository files navigation

Govware 2019 Exploit Demos

Intro

Setup

Project Structure

About

Releases

Packages

Languages

License

mrzzy/govware-2019-demos

Folders and files

Latest commit

History

Repository files navigation

Govware 2019 Exploit Demos

Intro

Setup

Project Structure

About

Resources

License

Stars

Watchers

Forks

Languages