milliways-infosec/CVE-2026-42945_RCE_in_Nginx-Rift
5
0
Fork 0
mirror of https://github.com/DepthFirstDisclosures/Nginx-Rift.git synced 2026-05-16 11:07:44 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

reorg files

Browse source
This commit is contained in:
Markakd 2026-05-12 16:39:02 -07:00
parent 90f4b4a302
commit 7fbbc54b50
7 changed files with 11 additions and 5 deletions
Download patch file Download diff file Expand all files Collapse all files

10
setup.sh
View file

@ -3,17 +3,17 @@ set -e
cd "$(dirname "$0")"
echo "Building Docker image (compiles nginx from source)..."
docker compose build
docker compose -f env/docker-compose.yml build
echo ""
echo "Done. To run:"
echo ""
echo " # Terminal 1 (server) — nginx runs with ASLR disabled (setarch -R):"
echo " docker compose up"
echo " docker compose -f env/docker-compose.yml up"
echo ""
echo " # Terminal 2 (attacker):"
echo " python3 poc.py --cmd 'touch /tmp/pwned'"
echo " python3 poc.py --cmd 'echo hello from depthfirst > /tmp/pwned'"
echo ""
echo " # Verify RCE:"
echo " docker compose exec nginx ls -la /tmp/pwned"
echo " docker compose exec nginx cat /tmp/pwned"
echo " docker compose -f env/docker-compose.yml exec nginx ls -la /tmp/pwned"
echo " docker compose -f env/docker-compose.yml exec nginx cat /tmp/pwned"