Bypass-PHP-GD-Process-To-RCE

Description

Use Similar-Block-Attack to bypass PHP-GD process to RCE.

Usage

Usage: php codeinj.php <src_img> <inj_code>

php codeinj.php demo.gif "<?php phpinfo();?>"

then new image "gd_demo.gif" saved in current path.

You can use a quick demo with demo/index.php, copy that to your test folder and upload gd_demo.gif or your image to test.

Others

If this script doesn't work well, take it easy please! :P

Reference

http://www.secgeek.net/bookfresh-vulnerability/

Name		Name	Last commit message	Last commit date
Latest commit History 3 Commits
demo		demo
README.md		README.md
codeinj.php		codeinj.php
demo.gif		demo.gif

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

demo

demo

README.md

README.md

codeinj.php

codeinj.php

demo.gif

demo.gif

Repository files navigation

Bypass-PHP-GD-Process-To-RCE

Description

Usage

Others

Reference

About

Releases

Packages

Languages

RickGray/Bypass-PHP-GD-Process-To-RCE

Folders and files

Latest commit

History

Repository files navigation

Bypass-PHP-GD-Process-To-RCE

Description

Usage

Others

Reference

About

Topics

Resources

Stars

Watchers

Forks

Languages