This blog is about setting up your own lab environment for Apache Flink 1.9.x. There was a vulnerability published recently on Exploit-DB and I used it as a learning tool to practice performing code review with Java.
It took me about 2 hours to find and exploit it, where my starting hold was just the title ‘File Upload RCE’. Setting up the environment is a quick 5-minute process. I used an Ubuntu VM for the base operating system. Below is the link to the exploit.
Step 1: Download the binary of Apache Flink 1.9.x. In this case I used 1.9.2:
Step 2: Extract the contents and go to the following path.
/apache-flink-1.9.2/build/lib/pyflink/bin
Step 3: Run the start-cluster.sh file
Step 4: Use netstat or ps aux to check the application is running
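The check in Step 4 can also tell you whether the lab instance is reachable from outside the VM, which matters when the service is deliberately left vulnerable. The function below is an added example, not part of the original post; it assumes Flink's default web/REST port 8081 (not stated above) and the usual Linux `ss -ltn` / `netstat -ltn` column layout, and the sample output is constructed.

```shell
#!/bin/sh
# Classify how a TCP port is listening, reading `ss -ltn` or `netstat -ltn`
# output on stdin. Prints one of: down | loopback | exposed.
# Assumption: 8081 is the Flink web/REST port (Flink's default).
classify_flink_listener() {
    port="${1:-8081}"
    awk -v port="$port" '
        {
            addr = $4                      # local address column in ss and netstat
            n = split(addr, parts, ":")
            if (n < 2 || parts[n] != port) next
            # Everything before the final ":<port>" is the bind address.
            host = substr(addr, 1, length(addr) - length(parts[n]) - 1)
            found = 1
            if (host != "127.0.0.1" && host != "::1" && host != "[::1]")
                exposed = 1                # wildcard or a routable interface
        }
        END {
            if (!found)       print "down"
            else if (exposed) print "exposed"
            else              print "loopback"
        }'
}

# Constructed sample outputs (not captured from a real host).
SAMPLE_EXPOSED='State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      128    127.0.0.1:631      0.0.0.0:*
LISTEN 0      50     *:8081             *:*'

SAMPLE_LOOPBACK='State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      50     127.0.0.1:8081     0.0.0.0:*'

SAMPLE_DOWN='State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      128    127.0.0.1:631      0.0.0.0:*'

SAMPLE_NETSTAT_V6='Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address   Foreign Address  State
tcp6       0      0 :::8081         :::*             LISTEN'

printf '%s\n' "$SAMPLE_EXPOSED" | classify_flink_listener 8081

# On the lab VM itself:
#   ss -ltn | classify_flink_listener 8081
```

A result of `exposed` means the port is bound to more than loopback, so keep the VM on a host-only or isolated network while the vulnerable version is running.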
After getting Apache Flink set up, you will need to install the following if you want to perform the code review to find and execute the exploit.
1. Java Decompiler (JD-GUI)
https://github.com/java-decompiler/jd-gui/releases/download/v1.6.6/jd-gui-1.6.6.jar
2. Java, for running the Java Decompiler and also creating your own reverse shell .jar file.