Share
## https://sploitus.com/exploit?id=B68A7B47-B8E2-5A24-9584-62E37029BFE5
# Nginx UI Exploit Setup

This guide outlines the steps to set up Nginx UI using Docker Compose, create a user, run an exploit, and verify the results within the Docker container.

## Prerequisites
- Ensure you have Docker and Docker Compose installed on your machine.
- Familiarity with basic command-line operations.

## Installing nginx via docker

1. Download the [docker-compose.yml](docker-compose.yml)
2. Verify that your nginx.conf file has these lines. 
   **Note:** in linux (Ubuntu), this file is at /etc/nginx/nginx.conf
   ```nginx
        http {
            # ...
            include /etc/nginx/conf.d/*.conf;
            include /etc/nginx/sites-enabled/*;
        }
    ```
3. Create a local directory www in your working directory. Copy its path and change the first half of line 13 in the docker compose yaml (Just the part before the `:`). 
    ```yml
        Line 13 ~/cve_session1/nginx/www
    ```
3. Create your container by: 
    ```bash
        docker compose up -d
    ```
4. Wait a couple of minutes and check if the docker image is running:
    ```bash
        sudo docker ps
    ```
    You should see the nginx docker running. 
5. Login to the nginx UI at http://127.0.0.1:8080/#/login
6. Create an admin user accounts. Username: admin , Password: admin.
7. Then within the nginx UI create another user: Username: basic , Password: basic.
   **Note:** You can create the users with whatever names and password you want. Just make sure to update the python script
8. Run the exploit. It is fairly self-explanatory. 
9. Login to docker and check that the command injection works. 
   ``` bash
        # Get container id first
        docker ps

        # Access container shell
        docker exec -it <container-id> /bin/sh

        # Check the tmp directory
        ls -l /tmp
   ```