关联漏洞
标题:
PHP 操作系统命令注入漏洞
(CVE-2024-4577)
描述:PHP是一种在服务器端执行的脚本语言。 PHP存在操作系统命令注入漏洞,该漏洞源于在特定条件下,Windows系统使用“Best-Fit”行为替换命令行中的字符,这可能导致PHP CGI模块错误地将这些字符解释为PHP选项,从而泄露脚本的源代码,在服务器上运行任意PHP代码等。以下版本受到影响:8.1至8.1.29之前版本,8.3至8.3.8之前版本,8.2至8.2.20之前版本。
描述
CVE-2024-4577 is a critical vulnerability in PHP affecting CGI configurations, allowing attackers to execute arbitrary commands via crafted URL parameters.
介绍
Orange Tsi 🍊
This vulnerability was found by Orange Tsai (@orange_8361) of DEVCORE (@d3vc0r3). Make sure to follow his outstanding research, our role was to only recreate and develop the exploit for this issue.
Security Alert: CVE-2024-4577 PHP CGI Argument Injection Vulnerability
Overview
CVE-2024-4577 is a critical vulnerability in PHP affecting CGI configurations, allowing attackers to execute arbitrary commands via crafted URL parameters.
Affected Versions
PHP 8.3 < 8.3.8
PHP 8.2 < 8.2.20
PHP 8.1 < 8.1.29
Attack Vector
Attackers can exploit this by sending specially crafted requests to the PHP CGI script, injecting malicious parameters to execute arbitrary commands. This can lead to full system compromise.
Mitigation
- Upgrade to the latest PHP version(It is strongly recommended that all users upgrade to the latest PHP versions of 8.3.8, 8.2.20, and 8.1.29)
- Sanitize and validate input parameters.
- Use secure configuration settings to limit CGI parameter handling.
How to Use
Python Script
Install the requests library:
pip install requests
Run the script:
python test_cgi_vulnerability.py
Enter the URL to test when prompted.
Go Script
Make sure Go is installed on your system.
Run the script:
go run test_cgi_vulnerability.go
Enter the URL to test when prompted.
Notes
These scripts check for the vulnerability by sending harmless payloads and examining the response.
Ensure you have permission to test the target server.
Adjust the payloads or URLs as necessary for your specific setup.
Install the requests library:
pip install requests
Run the script:
python test_cgi_vulnerability.py
Enter the URL to test when prompted.
Go Script
Run the script:
go run test_cgi_vulnerability.go
Enter the URL to test when prompted.
Notes
These scripts check for the vulnerability by sending harmless payloads and examining the response.
Ensure you have permission to test the target server.
Adjust the payloads or URLs as necessary for your specific setup.
文件快照
[4.0K] /data/pocs/60d8d75229b91cc17765da80bb82b1b2a7e5dc23
├── [380K] cve-2024-4577_calc.jpg
├── [1.4K] cve_2024_4577.go
├── [117K] cve-2024-4577_php info.png
├── [1.4K] cve_2024_4577.py
└── [1.9K] README.md
0 directories, 5 files
备注
1. 建议优先通过来源进行访问。
2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。