README.md
Rendering markdown...
services:
vuln:
platform: ${LAB_PLATFORM:-linux/amd64}
build:
context: .
dockerfile: ./vuln/Dockerfile
container_name: cve-2026-34234-vuln
restart: unless-stopped
depends_on:
fake-api:
condition: service_healthy
mysql_vuln:
condition: service_healthy
redis_vuln:
condition: service_started
ports:
- "127.0.0.1:8081:80"
volumes:
- "./env/vuln.env:/var/www/html/.env:rw"
networks:
- cve-2026-34234
patched:
platform: ${LAB_PLATFORM:-linux/amd64}
build:
context: .
dockerfile: ./patched/Dockerfile
container_name: cve-2026-34234-patched
restart: unless-stopped
depends_on:
fake-api:
condition: service_healthy
mysql_patched:
condition: service_healthy
redis_patched:
condition: service_started
ports:
- "127.0.0.1:8082:80"
volumes:
- "./env/patched.env:/var/www/html/.env:rw"
networks:
- cve-2026-34234
fake-api:
image: python:3.12.3-slim
container_name: cve-2026-34234-fake-api
restart: unless-stopped
working_dir: /srv/fake-api
command: python /srv/fake-api/server.py
environment:
PORT: "80"
ports:
- "127.0.0.1:9100:80"
volumes:
- "./fake-api:/srv/fake-api:ro"
healthcheck:
test: ["CMD-SHELL", "python -c \"import urllib.request; urllib.request.urlopen('http://127.0.0.1/health', timeout=2).read()\""]
interval: 5s
timeout: 3s
retries: 20
networks:
cve-2026-34234:
aliases:
- fake-api.local
mysql_vuln:
image: mariadb:11.4
container_name: cve-2026-34234-mariadb-vuln
restart: unless-stopped
environment:
MARIADB_DATABASE: ctrlpanel
MARIADB_USER: ctrlpaneluser
MARIADB_PASSWORD: ctrlpanelpass
MARIADB_ROOT_PASSWORD: rootpass
volumes:
- mysql_vuln_data:/var/lib/mysql
healthcheck:
test: ["CMD-SHELL", "mariadb-admin ping -h 127.0.0.1 -uroot -prootpass --silent"]
interval: 5s
timeout: 5s
retries: 30
networks:
- cve-2026-34234
mysql_patched:
image: mariadb:11.4
container_name: cve-2026-34234-mariadb-patched
restart: unless-stopped
environment:
MARIADB_DATABASE: ctrlpanel
MARIADB_USER: ctrlpaneluser
MARIADB_PASSWORD: ctrlpanelpass
MARIADB_ROOT_PASSWORD: rootpass
volumes:
- mysql_patched_data:/var/lib/mysql
healthcheck:
test: ["CMD-SHELL", "mariadb-admin ping -h 127.0.0.1 -uroot -prootpass --silent"]
interval: 5s
timeout: 5s
retries: 30
networks:
- cve-2026-34234
redis_vuln:
image: redis:7.4-alpine
container_name: cve-2026-34234-redis-vuln
restart: unless-stopped
networks:
- cve-2026-34234
redis_patched:
image: redis:7.4-alpine
container_name: cve-2026-34234-redis-patched
restart: unless-stopped
networks:
- cve-2026-34234
networks:
cve-2026-34234:
name: cve-2026-34234
driver: bridge
volumes:
mysql_vuln_data:
mysql_patched_data: