Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2017-9841 PoC — PHPUnit 安全漏洞

Source
https://github.com/ludy-dev/PHPUnit_eval-stdin_RCE
Associated Vulnerability
Title:PHPUnit 安全漏洞 (CVE-2017-9841)
Description:Util/PHP/eval-stdin.php in PHPUnit before 4.8.28 and 5.x before 5.6.3 allows remote attackers to execute arbitrary PHP code via HTTP POST data beginning with a "<?php " substring, as demonstrated by an attack on a site with an exposed /vendor folder, i.e., external access to the /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php URI.
Description
(CVE-2017-9841) PHPUnit_eval-stdin_php Remote Code Execution
Readme
# PHPUnit_eval-stdin_RCE
(CVE-2017-9841) PHPUnit_eval-stdin_php Remote Code Execution

A code injection vulnerability in PHPUnit, a PHP unit testing framework which part of the Mailchimp , Mailchimp E-Commerce moduels in Drupal 
The vulnerability within the /phpunit/src/Util/PHP/eval-stdin.php file through its use of the php://input wrapper.

    Affected :  PHPUnit 4.8.19 - 4.8.27 , PHPUnit 5.0.10 - 5.6.2
    
    [Vuln path]
    /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php
    /vendor/phpunit/phpunit/Util/PHP/eval-stdin.php
    /vendor/phpunit/src/Util/PHP/eval-stdin.php
    /vendor/phpunit/Util/PHP/eval-stdin.php
    /phpunit/phpunit/src/Util/PHP/eval-stdin.php
    /phpunit/phpunit/Util/PHP/eval-stdin.php
    /phpunit/src/Util/PHP/eval-stdin.php
    /phpunit/Util/PHP/eval-stdin.php
    /lib/phpunit/phpunit/src/Util/PHP/eval-stdin.php
    /lib/phpunit/phpunit/Util/PHP/eval-stdin.php
    /lib/phpunit/src/Util/PHP/eval-stdin.php
    /lib/phpunit/Util/PHP/eval-stdin.php
    
This script which check the presence or absence of CVE-2017-9841 Vulnerability is based on Python3.

    <Usage>
    
    python PHPUnit_eval-stdin_RCE.py <dst_ip> <dst_port> (user defined port)

    python PHPUnit_eval-stdin_RCE.py <dst_ip> (default : 80/tcp)
File Snapshot

 [4.0K]  /data/pocs/4f87c5234a482918256ec652804a2ccd7877e57b
├── [1.5K]  PHPUnit_eval-stdin_RCE.py
└── [1.2K]  README.md

0 directories, 2 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →