In this work, we are going to see two different vulnerability exploitation in the vulnerable versions of Apache Airflow. Apache Airflow is an open-source workflow management platform that performs distributed task scheduling, i.e., it considered as a platform to programmatically author, schedule, and monitor workflows. This project was started at Airbnb in October 2014 as a solution for management of company’s complex workflows. Development of Airflow enables the Airbnb to schedule their workflows and monitor them using built-in Airflow user interface.
• Apache Airflow version prior to 1.10.10
• CVE-2020-11978 - Apache Airflow Command Injection in Example Dag
• CVE-2020-11981 - Apache Airflow Celery Broker Remote Command Execution
• Platform:
Ubuntu 20.04 (or versions that support python 3.6 or above)
• pip
#Install pip using the command:
curl -s https://bootstrap.pypa.io/get-pip.py | python3
• docker
#Install docker using the command:
Install by: curl -s https://get.docker.com/ | sh
#run the docker file using the command:
systemctl start docker
• docker compose
#Install docker compose using the command:
pip install docker-compose
#or
python3 -m pip install docker-compose
• Download the project using the command:
wget https://github.com/navyaks55/Vulnerability_Exploitation.git -o Vulnerability_Exploitation-main.zip
• Unzip the folder
• Navigate the CVE folder and follow the instructions in Readme.md file
• use sudo if you are facing permission errors while using the docker image.
https://github.com/vulhub/vulhub
https://en.wikipedia.org/wiki/Apache_Airflow
https://hub.docker.com/r/apache/airflow