CVE-2021-3129 PoC — Facade Ignition for Laravel 授权问题漏洞

Source

https://github.com/MadExploits/Laravel-debug-Checker

Associated Vulnerability

Title:Facade Ignition for Laravel 授权问题漏洞 (CVE-2021-3129)
Description:Facade Ignition for Laravel是比利时Facade公司的一款运行在Laravel Web框架中的可自定义的错误页面。 Ignition for Laravel 2.5.2之前版本存在授权问题漏洞，该漏洞源于程序未进行正确的身份验证，攻击者可利用该漏洞执行任意代码。

Description

CVE-2021-3129 Exploit Checker By ./MrMad

Readme

# Laravel-debug-Checker

![Laravel](https://img.shields.io/badge/Laravel-FF2D20?style=for-the-badge&logo=laravel&logoColor=white)

CVE-2021-3129 Checker By ./MrMad

Refrence : https://pentest-tools.com/blog/exploit-rce-vulnerability-laravel-cve-2021-3129


# install module

```
python -m pip install -r requirements.txt
```

# installation on linux

```
git clone https://github.com/MadExploits/Laravel-debug-Checker
sudo mv Laravel_debug.py /usr/bin/laravel_debug
sudo chmod +x /usr/bin/laravel_debug
```

# Image
<img src="https://github.com/MadExploits/Laravel-debug-Checker/blob/main/Screenshot%20from%202022-12-10%2011-04-30.png?raw=true" style="widht:100%;">

File Snapshot


 [4.0K]  /data/pocs/39d71fb6eb4677a0075f09e4b53c2413ae8f6cf6
├── [2.0K]  laravel_debug.py
├── [1.0K]  LICENSE
├── [ 666]  README.md
├── [  54]  requirements.txt
└── [1.2M]  Screenshot from 2022-12-10 11-04-30.png

0 directories, 5 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!