thinkphp6 session arbitrary file creation vulnerability POC - Code World

thinkphp6 session arbitrary file creation vulnerability POC

Others 2020-04-22 12:00:57 views: null

ThinkPHP6.0.0-6.0.1. thinkphp6 session arbitrary file creation vulnerability POC

https://www.uedbox.com/post/65126/

https://www.php.cn/phpkj/thinkphp/441727.html

On January 13, 2020, Thinkphp 6.0.2 was released, and a repair was indicated on the details page Session安全隐患. After analysis, the vulnerability allows an attacker to create arbitrary files and delete arbitrary files with the session enabled in the target environment, and can also getshell under certain circumstances .

The specific affected version is ThinkPHP6.0.0-6.0.1.

Vulnerability reproduction

Add the following action in the index controller

     
          1 
        
          2 
        
          3 
        
          4 
        
          5 
        
         public 
         function 
         testsession2 
         ( 
         ) 
         { 
        
         $ 
         username 
         = 
         Request 
         :: 
         get 
         ( 
         'name' 
         ) 
         ; 
        
         Session 
         :: 
         set 
         ( 
         'username' 
         , 
         $ 
         username 
         ) 
         ; 
        
         return 
         'hi' 
         ; 
        
         }

Guess you like

Origin www.cnblogs.com/0daybug/p/12750986.html

thinkphp6 session arbitrary file creation vulnerability POC

Arbitrary File Download Vulnerability

Arbitrary file reading and vulnerability reproduction

Arbitrary file upload vulnerability (introduction)

Penetration testing-arbitrary file download vulnerability

UFIDA NC Arbitrary File Upload Vulnerability Reproduced

Arbitrary file upload vulnerability in UEditor .Net version

Atlassian Confluence Arbitrary File Read Vulnerability

[Code Audit] Instance of Arbitrary File Deletion Vulnerability

Arbitrary File Upload Vulnerability in SecGate 3600 Firewall

Hongjing eHR Arbitrary File Upload Vulnerability

There is an arbitrary file reading vulnerability in zeroshell firewall

There is an arbitrary file reading vulnerability in Lanling OA

Arbitrary file reading vulnerability in a billing management system

Arbitrary file upload vulnerability mining (getshell)

The Basic Vulnerability of the Web--An Arbitrary File Reading and Downloading Vulnerability

Vulnerability POC

Tongda OA arbitrary file deletion / OA unauthorized access + arbitrary file upload RCE vulnerability reproduction

CVE-2019-4505: WebSphere arbitrary file read vulnerability alerts

Weblogic arbitrary file upload vulnerability (CVE-2018-2894) reproduction

CVE-2018-2894 weblogic arbitrary file upload vulnerability recurrence

RuoYi 4.5.1 released, prevents arbitrary file download vulnerability

ThinkAdmin arbitrary file reading vulnerability (CVE-2020-25540)

CVE-2021-3019 [Reproduction of Lanproxy arbitrary file read vulnerability]

Arbitrary file upload vulnerability in Zhiyuan OA-ajax.do

Lanproxy arbitrary file reading vulnerability CVE-2021-3019 reproduces

UFIDA KSOA ImageUpload Arbitrary File Upload Vulnerability Recurrence + Exploitation

Reproduce the arbitrary file reading vulnerability of UFIDA CRM system

Grafana Arbitrary File Read Vulnerability (CVE-2021-43798)

CVE-2021-43798 Grafana Unauthorized Arbitrary File Read Vulnerability

Recommended

微软回应中国区AI团队“打包赴美”传闻

Ranking

How to use ChatGPT to write 100,000+ hot articles for public accounts (includes prompt words)

sudo echo command execution Permission denied

ADO: Using Transactions to Operate Oracle Database

[Java] [Class and Object] equals, hashCode, clone methods

Linux virtual host function

Порт управления rabbitmq открыт

on,where

jQuery WeUI

How can there be a weed pilot in Hangzhou?

tcp / ip model four

Daily

More

2024-05-15(5)

2024-05-14(9)

2024-05-13(8)

2024-05-12(28)

2024-05-11(32)

2024-05-10(34)

2024-05-09(32)

2024-05-08(18)

2024-05-07(34)

2024-05-06(6)