Getting infrastructure deployed and configured correctly has been one of the most time consuming things when demonstrating the cybersecurity attack chain.

Step 1 - Run a Built Container

For this particular use case we know that the application is vulnerable and wouldn't plan to leave this container running outside of a Proof of Concept.

To run the container;

docker run -p 8080:8080 -d freshdemo/node-simple-rce

The container details can be found here, https://github.com/freshdemo/node-simple-rce