deut-erium/inter-iit-netsec

Inter-IIT Tech 9.0

Solutions of IITB for SAPTANG's netsec challenge for Inter IIT tech meet 9.0

Problem Statements

Bug Overview:

Race condition in the mod_status module in the Apache HTTP Server before 2.4.10 allows remote attackers to cause a denial of service (heap-based buffer overflow), or possibly obtain sensitive credential information or execute arbitrary code, via a crafted request that triggers improper scoreboard handling within the status_handler function in modules/generators/mod_status.c and the lua_ap_scoreboard_worker function in modules/lua/lua_request.c.

  • Aim: Write a working exploit for this CVE.
  • Install the vulnerable service in a VM/Docker and make sure the conditions required to exploit it are met.
  • Run your exploit on the vulnerable service and make a video of it.
  • Write a brief report about this bug, including your exploit code, a link to the exploit and video proof.

Bug Overview:

When running Apache Tomcat 7.0.0 to 7.0.79 on Windows with HTTP PUTs enabled (e.g. via setting the readonly initialisation parameter of the Default servlet to false), it was possible to upload a JSP file to the server via a specially crafted request. This JSP could then be requested and any code it contained would be executed by the server. That could lead to remote code execution on the server.

  • Aim: Write a working exploit for this CVE by which you can achieve RCE on a local VM/Docker.
  • Install the vulnerable service in a VM/Docker and make sure the conditions required to exploit it are met.
  • Run your exploit on the vulnerable service and make a video of it.
  • Write a brief report about this bug, including your exploit code, a link to the exploit and video proof.

Bug Overview:

Specially crafted requests lead to DoS/RCE without any user interaction on Windows RDP service.

  • Aim: Set up a local VM in which to install the vulnerable Windows RDP service and write an exploit that could lead to DoS/RCE on the local VM server.
  • Write a brief report about this bug, including your exploit code, a link to the exploit and video proof.

Bug Overview:

This bug leads to a command injection vulnerability in Apache Tika-server 1.18 and uses Cscript.exe to execute JScript or VBS code and run arbitrary commands.

  • Aim: Write a working exploit for this CVE by which you can achieve RCE on the local VM.
  • Install the vulnerable service in a VM and make sure the conditions required to exploit it are met.
  • Run your exploit on the vulnerable service and make a video of it.
  • Write a brief report about this bug, including your exploit code, a link to the exploit and video proof.

Bug Overview:

Apache Tomcat has a vulnerability in the CGI Servlet which can be exploited to achieve remote code execution (RCE). This is only exploitable when running on Windows in a non-default configuration in conjunction with batch files.

  • Aim: Write a working exploit by which you can achieve RCE on the local VM.
  • Install the vulnerable service in a VM and make sure the conditions required to exploit it are met.
  • Run your exploit on the vulnerable service and make a video of it.
  • Write a brief report about this bug, including your exploit code, a link to the exploit and video proof.

Team
