PoC details: 9f77e1dac47d510bdbf19a2f899e7ee918e63a22

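Source
Related vulnerability
Title: Apache HTTP Server path traversal vulnerability (CVE-2021-41773)
Description: Apache HTTP Server is an open-source web server from the Apache Foundation (USA). The server is fast, reliable, and extensible through a simple API. Apache HTTP Server 2.4.49 has a path traversal vulnerability: an attacker can use a path traversal attack to map URLs to files outside the expected document root.
Description
This repository contains a Proof-of-Concept for CVE-2021-41773. This CVE contains an LFI and RCE vulnerability.
Introduction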
# SSH Key and RCE PoC for CVE-2021-41773

This repository contains a Proof-of-Concept (PoC) for CVE-2021-41773. This CVE exposes a Local File Inclusion (LFI) and Remote Code Execution (RCE) vulnerability.

---

### Installation

Ensure you have Go version **1.23.0** installed.  
Build the exploit binary with the following command:

```bash
go build -o exploit
```

---

### How to Use

- **Specify the target IP**: Use the `-i` flag to specify the target IP address (include the port). This is **required**.
  - Example:  
    ```bash
    ./exploit -i 10.0.0.1:8080
    ```

- **Specify the SSH wordlist size**: Use the `-l` flag to choose the size of the SSH wordlist.  
  Options:  
  - `0`: Small (default)  
  - `1`: Medium  
  - `2`: Large  
  This flag is **optional**.  
  - Example:  
    ```bash
    ./exploit -i 10.0.0.1:8080 -l 1
    ```

- **Enable HTTPS**: Use the `-ssl` flag to enable HTTPS (default is HTTP). This flag is **optional**.  
  - Example:  
    ```bash
    ./exploit -i 10.0.0.1:8080 -ssl
    ```

- **Specify a custom SSH key wordlist**: Use the `-k` flag to provide a custom wordlist for SSH keys. This flag is **optional**.  
  - Example:  
    ```bash
    ./exploit -i 10.0.0.1:8080 -k /usr/share/wordlist/SecLists/Discovery/Web-Content/quickhits.txt
    ```

- **Enable Remote Code Execution (RCE)**: Use the `-rce` flag to execute commands remotely. This flag is **optional**.  
  - Example:  
    ```bash
    ./exploit -i 10.0.0.1:8080 -rce
    ```

---

### Why?

I wanted to write something in Golang and learn the language.  
This is the first complete program I have written in Golang.

---

### Notes

- Use this tool responsibly and only on systems you have explicit permission to test.
- CVE-2021-41773 affects Apache HTTP Server 2.4.49 and 2.4.50. Ensure the target is vulnerable before running the exploit.
File snapshot

```
[4.0K] /data/pocs/9f77e1dac47d510bdbf19a2f899e7ee918e63a22
├── [  26] go.mod
├── [6.4K] main.go
└── [1.8K] README.md

0 directories, 3 files
```