reorg files

2026-05-16 11:07:44 +00:00 · 2026-05-12 16:39:02 -07:00 · 2026-05-12 16:39:02 -07:00 · 7fbbc54b50
commit 7fbbc54b50
parent 90f4b4a302
7 changed files with 11 additions and 5 deletions
--- a/README.md
+++ b/README.md
@ -2,3 +2,9 @@
 **CVE:** CVE-2026-42945  
 **Tested on:** Ubuntu 24.04.3 LTS
 ## Usage
 1. Run `./setup.sh` to create the container.
 2. Run `docker compose -f env/docker-compose.yml up` to start the vulnerable nginx server.
 3. Run `python3 poc.py --shell` to achieve RCE (Remote Code Execution).
--- a/env/Dockerfile
+++ b/env/Dockerfile
--- a/env/docker-compose.yml
+++ b/env/docker-compose.yml
--- a/env/entrypoint.sh
+++ b/env/entrypoint.sh
--- a/env/nginx.conf
+++ b/env/nginx.conf
--- a/env/server.py
+++ b/env/server.py
--- a/setup.sh
+++ b/setup.sh
@ -3,17 +3,17 @@ set -e
 cd "$(dirname "$0")"
 echo "Building Docker image (compiles nginx from source)..."
-docker compose build
+docker compose -f env/docker-compose.yml build
 echo ""
 echo "Done. To run:"
 echo ""
 echo "  # Terminal 1 (server) — nginx runs with ASLR disabled (setarch -R):"
-echo "  docker compose up"
+echo "  docker compose -f env/docker-compose.yml up"
 echo ""
 echo "  # Terminal 2 (attacker):"
-echo "  python3 poc.py --cmd 'touch /tmp/pwned'"
+echo "  python3 poc.py --cmd 'echo hello from depthfirst > /tmp/pwned'"
 echo ""
 echo "  # Verify RCE:"
-echo "  docker compose exec nginx ls -la /tmp/pwned"
+echo "  docker compose -f env/docker-compose.yml exec nginx ls -la /tmp/pwned"
-echo "  docker compose exec nginx cat /tmp/pwned"
+echo "  docker compose -f env/docker-compose.yml exec nginx cat /tmp/pwned"