Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2017-16894 PoC — Laravel Framework 信息泄露漏洞

Source
https://github.com/ibnurusdianto/CVE-2017-16894
Associated Vulnerability
Title:Laravel Framework 信息泄露漏洞 (CVE-2017-16894)
Description:In Laravel framework through 5.5.21, remote attackers can obtain sensitive information (such as externally usable passwords) via a direct request for the /.env URI. NOTE: this CVE is only about Laravel framework's writeNewEnvironmentFileWith function in src/Illuminate/Foundation/Console/KeyGenerateCommand.php, which uses file_put_contents without restricting the .env permissions. The .env filename is not used exclusively by Laravel framework.
Description
Project Program sederhana hasil belajar python, untuk mendeteksi CVE 2017 – 16894 (remote attackers can obtain sensitive information)
Readme
Screenshot : 

![image](https://github.com/ibnurusdianto/.env-cve2017/assets/43640284/367ed0a5-2536-42df-9b64-b44cbe45228f)
File Snapshot

 [4.0K]  /data/pocs/128f9a591bc3adb6ca007b4dc99022127bfdb6db
├── [1.5K]  main.py
├── [ 124]  README.md
└── [  55]  test.txt

0 directories, 3 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →