Skip to content

MRdoulestar/CVE-2019-11043

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

7 Commits
 
 
 
 

Repository files navigation

CVE-2019-11043

0th3rs Security Team

======================

In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11

Tested under PHP 7.2.20/7.3.10

Instructions

1、较为稳定,只要爆破出query长度和Header头字段长度
2、auto_session检测漏洞存在性
3、实现判断目标worker进程数实现健壮性
4、全worker进程污染

Nginx configuration

location ~ [^/]\.php(/|$) {
    fastcgi_split_path_info ^(.+?\.php)(/.*)$;
    include fastcgi_params;

    fastcgi_param   PATH_INFO       $fastcgi_path_info;
    fastcgi_param SCRIPT_FILENAME   $document_root$fastcgi_script_name;
    fastcgi_param PATH_TRANSLATED   $document_root$fastcgi_path_info;
    fastcgi_pass 127.0.0.1:9000;

Usage:

python cve_2019_11043.py -u http://xxxx/index.php

About

CVE-2019-11043 && PHP7.x && RCE EXP

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages