Skip to content

[Tool] Forge PHP FastCGI protocol to RCE with strict disable_functions

Notifications You must be signed in to change notification settings

w181496/FuckFastcgi

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

5 Commits
 
 
 
 
 
 

Repository files navigation

FuckFastCGI

Description

This is a php script to exploit fastcgi protocol to bypass open_basedir and disable_functions.

It will help you to bypass strict disable_functions to RCE by loading the malicious extension.

Usage

  • set the config of index.php
    • unix socket path / tcp host
    • port
    • extension dir path
    • extension name
    • prepend file
    • ...
  • upload this script and your malicious extension to the target machine
  • enjoy it!

About

[Tool] Forge PHP FastCGI protocol to RCE with strict disable_functions

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published