CVE-2019-11043 PoC — PHP 缓冲区错误漏洞

Source

https://github.com/MRdoulestar/CVE-2019-11043

Associated Vulnerability

Title:PHP 缓冲区错误漏洞 (CVE-2019-11043)
Description:PHP（PHP：Hypertext Preprocessor，PHP：超文本预处理器）是PHPGroup和开放源代码社区的共同维护的一种开源的通用计算机脚本语言。该语言主要用于Web开发，支持多种数据库及操作系统。 PHP中存在缓冲区错误漏洞。该漏洞源于网络系统或产品在内存上执行操作时，未正确验证数据边界，导致向关联的其他内存位置上执行了错误的读写操作。攻击者可利用该漏洞导致缓冲区溢出或堆溢出等。以下产品及版本受到影响：PHP 7.1.33之前版本的7.1.x版本，7.2.24之前版本的7.2.x版本，7

Description

CVE-2019-11043  &&  PHP7.x  &&  RCE  EXP

Readme

# CVE-2019-11043

### 0th3rs Security Team
#### ======================
In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11

Tested under PHP 7.2.20/7.3.10

#### Instructions
```
1、较为稳定,只要爆破出query长度和Header头字段长度
2、auto_session检测漏洞存在性
3、实现判断目标worker进程数实现健壮性
4、全worker进程污染
```

#### Nginx configuration
```
location ~ [^/]\.php(/|$) {
    fastcgi_split_path_info ^(.+?\.php)(/.*)$;
    include fastcgi_params;

    fastcgi_param   PATH_INFO       $fastcgi_path_info;
    fastcgi_param SCRIPT_FILENAME   $document_root$fastcgi_script_name;
    fastcgi_param PATH_TRANSLATED   $document_root$fastcgi_path_info;
    fastcgi_pass 127.0.0.1:9000;

```

#### Usage:
```
python cve_2019_11043.py -u http://xxxx/index.php
```

File Snapshot


 [4.0K]  /data/pocs/56e3f94845bb185d4830b94e59772141849f0eae
├── [4.7K]  cve_2019_11043.py
└── [ 835]  README.md

0 directories, 2 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!