作者CMJ0121 (不要偷 Q)
看板NetSecurity
标题[0Day] Laravel CVE-2018-15133
时间Thu Dec 13 12:47:34 2018
====================================================================
== Subject:
Laravel RCE with APP_KEY leaked
== CVE ID#:
CVE-2018-15133
== Versions:
Laravel 5.6.29 application on PHP 7.2.10
== Summary:
Laravel CVE-2018-15133
https://github.com/kozmic/laravel-poc-CVE-2018-15133
This repository contains a simple Laravel 5.6.29 application on PHP 7.2.10
with one basic noop route added in routes/web.php (see Dockerfile) and Proof
of Concept exploit (cve-2018-15133.php) for CVE-2018-15133 that should
successfully exploit the Laravel application and execute uname -a on the
target system.
====================================================================
看起来有一些人晚上又不睡觉了
--
※ 发信站: 批踢踢实业坊(ptt.cc), 来自: 106.1.224.240
※ 文章网址: https://webptt.com/cn.aspx?n=bbs/NetSecurity/M.1544676458.A.4FC.html
1F:推 nini200: 哈哈 12/18 02:40