Created
August 9, 2022 19:25
-
-
Save Ayoub-2/22137d1a15d5a8001984898ac9cdfa62 to your computer and use it in GitHub Desktop.
Apache 2.4.49 CVE-2021-41773 Vulnerability Test Lab
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # set up directory to install into + download files from github repo | |
| cd /usr/local/src/ | |
| wget https://github.com/apache/httpd/archive/refs/tags/2.4.49.tar.gz | |
| tar xzf 2.4.49.tar.gz | |
| cd httpd-2.4.49 | |
| mkdir /usr/local/apache2.4.49 | |
| # install some dependencies left on apache | |
| apt-get update -y | |
| apt install -y build-essential libssl-dev libexpat-dev libpcre3-dev libapr1-dev libaprutil1-dev | |
| apt install -y subversion autoconf libtool | |
| apt-get install -y libtool-bin | |
| apt-get update -y | |
| svn co http://svn.apache.org/repos/asf/apr/apr/trunk srclib/apr | |
| # bulding | |
| ./buildconf | |
| make && make install | |
| ./configure | |
| cd /usr/local/apache2 | |
| wget https://gist.githubusercontent.com/christophetd/cf214c3b23b969b6629ad2570d884299/raw/19a004898772490a0705d9e49a952271a5ace311/vulnerable-httpd.conf | |
| cp conf/httpd.conf ./http-original.conf | |
| mv vulnerable-httpd.conf conf/httpd.conf | |
| sed -i.bak -e '66d;' conf/httpd.conf # delete the 66 line number from httpd.conf | |
| # start service | |
| /usr/local/apache2.4.50/bin/apachectl start | |
| # /usr/local/apache2.4.50/bin/apachectl restart | |
| # /usr/local/apache2.4.50/bin/apachectl start | |
| # /usr/local/apache2.4.50/bin/apachectl stop | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment