## https://sploitus.com/exploit?id=B68A7B47-B8E2-5A24-9584-62E37029BFE5
# Nginx UI Exploit Setup
This guide outlines the steps to set up Nginx UI using Docker Compose, create a user, run an exploit, and verify the results within the Docker container.
## Prerequisites
- Ensure you have Docker and Docker Compose installed on your machine.
- Familiarity with basic command-line operations.
## Installing nginx via docker
1. Download the [docker-compose.yml](docker-compose.yml)
2. Verify that your nginx.conf file has these lines.
**Note:** in linux (Ubuntu), this file is at /etc/nginx/nginx.conf
```nginx
http {
# ...
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
}
```
3. Create a local directory www in your working directory. Copy its path and change the first half of line 13 in the docker compose yaml (Just the part before the `:`).
```yml
Line 13 ~/cve_session1/nginx/www
```
3. Create your container by:
```bash
docker compose up -d
```
4. Wait a couple of minutes and check if the docker image is running:
```bash
sudo docker ps
```
You should see the nginx docker running.
5. Login to the nginx UI at http://127.0.0.1:8080/#/login
6. Create an admin user accounts. Username: admin , Password: admin.
7. Then within the nginx UI create another user: Username: basic , Password: basic.
**Note:** You can create the users with whatever names and password you want. Just make sure to update the python script
8. Run the exploit. It is fairly self-explanatory.
9. Login to docker and check that the command injection works.
``` bash
# Get container id first
docker ps
# Access container shell
docker exec -it <container-id> /bin/sh
# Check the tmp directory
ls -l /tmp
```