[0Day] Laravel CVE-2018-15133

楼主: CMJ0121 (请多指教!!)   2018-12-13 12:47:34
====================================================================
== Subject:
Laravel RCE with APP_KEY leaked
== CVE ID#:
CVE-2018-15133
== Versions:
Laravel 5.6.29 application on PHP 7.2.10
== Summary:
Laravel CVE-2018-15133 https://github.com/kozmic/laravel-poc-CVE-2018-15133
This repository contains a simple Laravel 5.6.29 application on PHP 7.2.10
with one basic noop route added in routes/web.php (see Dockerfile) and Proof
of Concept exploit (cve-2018-15133.php) for CVE-2018-15133 that should
successfully exploit the Laravel application and execute uname -a on the
target system.
====================================================================
看起来有一些人晚上又不睡觉了
作者: nini200 (200妮妮)   2018-12-18 02:40:00
哈哈

Links booklink

Contact Us: admin [ a t ] ucptt.com