1. The target machine reproduction environment:
the tomcat environment installed with docker. This time, the vulnerability verification environment vulhub is selected. The github address is https://github.com/vulhub/vulhub's tomcat/CVE-2020-1938 vulnerability version, this version also has the vulnerability of cve-2020-13935
/tools/vulhub/tomcat/CVE-2020-1938 docker-compose up -d #启动漏洞靶机
Test whether the startup is successful docker ps, accessed through a browser
2. Test POC
https://github.com/RedTeamPentesting/CVE-2020-13935
After downloading, compile it with go and use it.
run:
./tcdos ws://127.0.0.1:8080/examples/websocket/echoStreamAnnotation
Start to test the cpu usage of docker.
After starting the test:
the cpu is filled up at 600% in an instant, and the computer fan starts to make a "lion roar" in an instant, and the Dos is successful
3. Vulnerability report & impact & solution reference :
https://weixin.shuziguanxing.com/selectDetailsTempateId/638