Added new exploit module laravel_token_unserialize_exec. #12056

Closed
wants to merge 1 commit into from

@aushack
Contributor

commented Jul 6, 2019

No description provided.

@aushack aushack closed this Jul 6, 2019

@aushack aushack deleted the aushack:aushack/laravel branch Jul 6, 2019

@bcoles
Contributor

left a comment

Two spaces for indentation plz

],
'License' => MSF_LICENSE,
'Platform' => 'unix',
'Arch' => ['cmd'],

@bcoles

bcoles Jul 6, 2019

Contributor
Suggested change
'Arch' => ['cmd'],
'Arch' => ARCH_CMD,
register_options([
OptString.new('PATH', [ true, "Path to target webapp", "/index.php"]),
OptString.new('APP_KEY', [ false, "The base64 encoded APP_KEY string from the .env file", ""]),
Opt::RPORT(80),
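
Review bot: `PATH` on the first `OptString.new` line duplicates what the framework's standard `TARGETURI` option is for; renaming it to `TARGETURI` and building requests with `normalize_uri(target_uri.path)` keeps the module consistent with other HttpClient modules. `APP_KEY` on the next line is declared optional with a default of `""`, so any check for a missing key has to test for an empty string rather than nil; dropping the default avoids that.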

@bcoles

bcoles Jul 6, 2019

Contributor

Probably safe to remove this, as it's the default for Msf::Exploit::Remote::HttpClient. Ignore this comment if rport is being overwritten by Msf::Exploit::Remote::Tcp

Suggested change
Opt::RPORT(80),
Opt::RPORT(80),

## Scenarios

msf5 > use exploit/unix/http/laravel_token_unserialize_exec

@bcoles

bcoles Jul 6, 2019

Contributor

Use ` ` ` code blocks plz


### Setting up Laravel on Debian

git clone https://github.com/kozmic/laravel-poc-CVE-2018-15133
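
Review bot: the `git clone` line in the setup steps fetches the test repository's default branch at whatever state it is in at the time. Pinning a specific commit or tag here keeps the documented scenario reproducible for anyone verifying the module later.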

@bcoles

bcoles Jul 6, 2019

Contributor

Use ` ` ` code blocks plz
