Build a vulnarable installer for testing

Have a great idea for extending Zimbra? Share ideas, ask questions, contribute, and get feedback.
Post Reply
sekjaker
Posts: 1
Joined: Tue Oct 25, 2022 7:28 am

Build a vulnarable installer for testing

Post by sekjaker »

Hi, I'm trying to create an installer for version 9.0.0 p25 but I can't replicate the vulnerability CVE-2022-27925.

I followed the steps of the official repositories:
https://github.com/Zimbra/zm-build/#building

Code: Select all

mkdir installer-build
cd installer-build
git clone --depth 1 --branch 9.0.0.p25 git@github.com:Zimbra/zm-build.git
cd zm-build
ENV_CACHE_CLEAR_FLAG=true ./build.pl --ant-options -DskipTests=true --git-default-tag=9.0.0.p25,9.0.0.p24.1,9.0.0.p24,9.0.0.p23,9.0.0.p22,9.0.0.p21,9.0.0.p20,9.0.0.p19,9.0.0.p18,9.0.0.p17,9.0.0.p16,9.0.0.p15,9.0.0.p14,9.0.0.p13,9.0.0.p12,9.0.0.p11,9.0.0.p10,9.0.0.p9,9.0.0.p8,9.0.0.p7,9.0.0.p6.1,9.0.0.p6,9.0.0.p5,9.0.0.p4,9.0.0.p3,9.0.0.p2,9.0.0.p1,9.0.0 --build-release-no=9.0.0 --build-type=FOSS --build-release=NIKOLATESLA --build-release-candidate=GA --build-thirdparty-server=files.zimbra.com --build-no=3969 --no-interactive
I was able to create the installer and apply it on a clean vm, but when I try to run the exploit it doesn't work
thanks in advance and excuse me for my english
Post Reply