Public Repository

Last pushed: 5 months ago
Short Description
REMOTE CODE EXECUTION VULNERABILITY!
Full Description

This version of WordPress is intentionally vulnerable to CVE-2016-10033 and is intended to be used for academic purposes only.

I added bsd-mailx and exim4 to allow remote code execution through the lost password page. Direct code execution with Exim looks like this:

$ sendmail -be '${run{/bin/bash -c id}}'
   uid=0(root) gid=108(Debian-exim) groups=108(Debian-exim)
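When monitoring this lab image, the same expansion syntax can be searched for in captured request data. The following is an added example, not part of the original repository: it extracts Exim-style `${name{...}}` items, literal or percent-encoded, and flags `run` items. The log line format and the `SAMPLE` lines are constructed for illustration.

```python
import re
from urllib.parse import unquote

# Exim expansion items have the form ${name{arg}...}; the page's demo uses ${run{...}}.
ITEM_START = re.compile(r"\$\{([a-z0-9_]+)\{")

def extract_items(text):
    """Return (name, first_argument) for each Exim-style item found in text."""
    decoded = unquote(text)  # also catches %24%7Brun%7B... forms
    items = []
    for m in ITEM_START.finditer(decoded):
        depth, i = 1, m.end()
        while i < len(decoded) and depth:  # walk to the matching close brace
            if decoded[i] == "{":
                depth += 1
            elif decoded[i] == "}":
                depth -= 1
            i += 1
        end = i - 1 if depth == 0 else len(decoded)  # keep truncated items too
        items.append((m.group(1), decoded[m.end():end]))
    return items

def triage(lines):
    """Report every line that carries a ${run{...}} item (command execution)."""
    findings = []
    for number, line in enumerate(lines, 1):
        for name, arg in extract_items(line):
            if name == "run":
                findings.append({
                    "line": number,
                    "command": arg,
                    "lost_password": "action=lostpassword" in line,
                })
    return findings

# Constructed sample lines in a hypothetical "METHOD PATH | captured value" format.
SAMPLE = [
    "POST /wp-login.php?action=lostpassword | user_login=admin",
    "POST /wp-login.php?action=lostpassword | x ${run{/bin/bash -c id}} y",
    "POST /wp-login.php?action=lostpassword | %24%7Brun%7B/bin/bash%20-c%20id%7D%7D",
    "GET /index.php | q=${HOME}",
]

if __name__ == "__main__":
    for finding in triage(SAMPLE):
        print(finding)
```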

For more information, see:

Dockerfile:

FROM wordpress:4.6.0
RUN apt-get update \
    && apt-get -y install bsd-mailx
ADD mail.ini /usr/local/etc/php/conf.d/mail.ini
ENTRYPOINT ["/entrypoint.sh"]
CMD ["apache2-foreground"]
Owner
apcheamitru