
CVE-2024-4577 PoC: PHP OS Command Injection Vulnerability

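Source
Related vulnerability
Title: PHP OS Command Injection Vulnerability (CVE-2024-4577)
Description: PHP is a scripting language that runs on the server side. PHP contains an OS command injection vulnerability. Under certain conditions, Windows applies "Best-Fit" behavior to replace characters in the command line, which can cause the PHP CGI module to misinterpret those characters as PHP options, leading to disclosure of script source code, execution of arbitrary PHP code on the server, and so on. The following versions are affected: 8.1 before 8.1.29, 8.3 before 8.3.8, and 8.2 before 8.2.20.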
Description
This is a PoC for PHP CVE-2024-4577.
Introduction
# CVE-2024-4577
This is a PoC for PHP CVE-2024-4577.

## Introduction

Security in the digital environment is more important than ever. Imagine an invisible door opening on millions of websites because of a new vulnerability in PHP, one of the most widely used programming languages on the web. This vulnerability, known as **CVE-2024-4577**, allows remote attackers to execute arbitrary commands on affected servers by injecting arguments into PHP CGI. Discovered by security researcher **Orange Tsai** ([@orange_8361](https://x.com/orange_8361)) of **DEVCORE** ([@d3vc0r3](https://x.com/d3vc0r3)), this flaw has captured the attention of the global security community. The information we present here comes from external research sources.

## Vulnerability Description

**CVE-2024-4577** is a remote code execution (**RCE**) vulnerability that affects the implementation of encoding conversion on Windows systems. This flaw is due to the way PHP handles certain arguments during encoding conversion, which can be exploited by attackers to inject and execute malicious code on the server. The vulnerability arises due to an oversight in the [**Best-Fit**](https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-ucoderef/d1980631-6401-428e-a49d-d71394be7da8) feature of encoding conversion within the Windows operating system, allowing attackers to bypass the protection implemented for [**CVE-2012-1823**](https://www.kb.cert.org/vuls/id/520827) via specific character sequences.
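For triage, the affected-version ranges and the Windows plus PHP CGI conditions stated in the advisory description on this page can be turned into an inventory check. This is an added example, not part of the PoC repository; the inventory fields (`os_name`, `cgi_mode`), the status labels and the sample hosts are assumptions made for illustration.

```python
import re

# First fixed release per branch, from the affected-version list on this page.
FIXED = {(8, 1): (8, 1, 29), (8, 2): (8, 2, 20), (8, 3): (8, 3, 8)}
_VER = re.compile(r"(\d+)\.(\d+)\.(\d+)(RC\d*|alpha\d*|beta\d*|-dev)?", re.I)


def classify(version_text, os_name, cgi_mode):
    """Return a triage label for one PHP install.

    os_name and cgi_mode are assumed inventory fields, not values PHP reports.
    """
    m = _VER.search(version_text)
    if m is None:
        return "unknown"                 # unparseable, check by hand
    ver = tuple(int(x) for x in m.groups()[:3])
    fixed = FIXED.get(ver[:2])
    if fixed is None:
        return "unlisted-branch"         # the page gives no range for this branch
    if ver > fixed or (ver == fixed and not m.group(4)):
        return "patched"
    if ver == fixed:
        return "review-prerelease"       # RC/dev build of the fixed release
    # Version is in range; the page's conditions are Windows plus PHP CGI.
    if os_name.strip().lower() == "windows" and cgi_mode:
        return "affected"
    return "vulnerable-version"          # in range, page's conditions not met


# Constructed sample inventory (hosts and values are made up).
INVENTORY = [
    ("web01", "PHP 8.2.19 (cgi-fcgi) (built: May  7 2024)", "Windows", True),
    ("web02", "8.2.20", "Windows", True),
    ("web03", "8.3.8RC1", "Windows", True),
    ("web04", "8.1.28-1ubuntu1", "Linux", False),
    ("web05", "7.4.33", "Windows", True),
    ("web06", "n/a", "Windows", True),
]


def triage(inventory):
    """Map each host name to its triage label."""
    return {h: classify(v, os_name, cgi) for h, v, os_name, cgi in inventory}


if __name__ == "__main__":
    for host, status in triage(INVENTORY).items():
        print(f"{host}: {status}")
```

Hosts labelled `vulnerable-version` still run a build inside the listed ranges and should be updated even though the Windows and CGI conditions are not met in their current configuration.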

## Usage

```sh
./CVE-2024-4577.sh <TARGET_URL>
```

Happy hacking!
File snapshot

```
[4.0K] /data/pocs/a9210809945c8c83ba6ff3a1f8219a0ed9abb92a
├── [1.4K] CVE-2024-4577.sh
└── [1.5K] README.md

0 directories, 2 files
```