Working on Drupal Services-module-unserialize-to-rce

p0dalirius · Oct 7, 2023 · c9edbd7 · c9edbd7
1 parent d5f7c1e
commit c9edbd7
Show file tree

Hide file tree

Showing 4 changed files with 10 additions and 15 deletions.
diff --git a/...nt-Systems-(CMS)/Drupal/techniques/Services-module-unserialize-to-rce/test_env/Dockerfile b/...nt-Systems-(CMS)/Drupal/techniques/Services-module-unserialize-to-rce/test_env/Dockerfile
@@ -1,22 +1,22 @@
 FROM debian:buster
 
-ENV DRUPALVERSION "9.2.1"
+ENV DRUPALVERSION "7.54"
 
 RUN apt-get -y -q update; \
     apt-get -y -q install apache2 xxd git unzip wget php php-simplexml php-gd php-ldap php-zip php-imap php-mysql php-mbstring mariadb-client mariadb-server composer
 
 COPY ./files/apache2.conf /etc/apache2/apache2.conf
-RUN a2enmod rewrite
+COPY ./files/services-7.x-3.18.tar.gz /var/www/html/
 
-RUN service mysql start;\
+RUN a2enmod rewrite; service mysql start;\
     mysql -u root -e "CREATE USER 'db'@'%' IDENTIFIED BY 'db'; UPDATE mysql.user set plugin = 'mysql_native_password' WHERE User = 'db'; GRANT ALL PRIVILEGES ON *.* TO 'db'@'%' WITH GRANT OPTION; FLUSH PRIVILEGES;"
 
-RUN wget "https://ftp.drupal.org/files/projects/drupal-${DRUPALVERSION}.zip" -O /tmp/drupal.zip ;\
-    cd /var/www/html/ ;\
-    rm index.html ;\
-    unzip /tmp/drupal.zip ;\
-    mv drupal-${DRUPALVERSION}/* ./ ;\
-    composer install
+RUN wget "https://ftp.drupal.org/files/projects/drupal-${DRUPALVERSION}.zip" -O /tmp/drupal.zip \
+    && cd /var/www/html/ \
+    && rm index.html \
+    && unzip /tmp/drupal.zip \
+    && mv drupal-${DRUPALVERSION}/* ./ \
+    && composer install
 
 RUN chown www-data: -R /var/www/
 

diff --git a/...pal/techniques/Services-module-unserialize-to-rce/test_env/files/services-7.x-3.18.tar.gz b/...pal/techniques/Services-module-unserialize-to-rce/test_env/files/services-7.x-3.18.tar.gz
diff --git a/Other/README.md b/Other/README.md
@@ -9,4 +9,3 @@
  - [**PHP**: (1 technique)](./PHP/)
  - [**Rocket.Chat**: (1 technique)](./Rocket.Chat/)
  - [**Webmin**: (1 technique)](./Webmin/)
- - [**GLPI**: (1 technique)](./GLPI/)
diff --git a/README.md b/README.md
@@ -42,8 +42,8 @@ The goal of this project is to provide an OpenSource knowledge database of all t
    + [**Jenkins**: (1 technique)](./Other/Jenkins/)
    + [**LimeSurvey**: (1 technique)](./Other/LimeSurvey/)
    + [**PHP**: (1 technique)](./Other/PHP/)
+   + [**Rocket.Chat**: (1 technique)](./Other/Rocket.Chat/)
    + [**Webmin**: (1 technique)](./Other/Webmin/)
-   + [**GLPI**: (1 technique)](./Other/GLPI/)
 
 
 
@@ -52,10 +52,6 @@ The goal of this project is to provide an OpenSource knowledge database of all t
 These techniques are a work in progress. You can help us finish them by opening a pull request!
 
 
- - [Other](./Other/)
-   + 🔧 [**Rocket.Chat**: Rocket.Chat - Add an integration script](./Other/Rocket.Chat/techniques/Add-an-integration-script/)
-
-
 
 ## Troubleshooting