Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2024-4577 PoC — Argument Injection in PHP-CGI

Source
https://github.com/JeninSutradhar/CVE-2024-4577-checker
Associated Vulnerability
Title:Argument Injection in PHP-CGI (CVE-2024-4577)
Description:In PHP versions 8.1.* before 8.1.29, 8.2.* before 8.2.20, 8.3.* before 8.3.8, when using Apache and PHP-CGI on Windows, if the system is set up to use certain code pages, Windows may use "Best-Fit" behavior to replace characters in command line given to Win32 API functions. PHP CGI module may misinterpret those characters as PHP options, which may allow a malicious user to pass options to PHP binary being run, and thus reveal the source code of scripts, run arbitrary PHP code on the server, etc.
Description
A Bash script designed to scan multiple domains for the CVE-2024-4577 vulnerability in PHP-CGI.
Readme
# CVE-2024-4577 Vulnerability Checker

The CVE-2024-4577 Vulnerability Checker is a Bash script designed to scan multiple domains for the CVE-2024-4577 vulnerability in PHP-CGI. This tool allows security researchers and system administrators to quickly assess whether their systems or a list of domains are potentially vulnerable to this specific security issue.

### Features

- Multi-threaded scanning for faster results
- Customizable User-Agent string
- Detailed logging and HTML report generation
- Support for scanning multiple domains from a file

### Requirements

- Bash (version 4.0 or later)
- curl

## Installation

1. Clone the repository or download the script:

- `git clone https://github.com/JeninSutradhar/CVE-2024-4577-checker.git`
- `cd cve-2024-4577-checker`

2. Make the script executable:

- `chmod +x cve_2024_4577_checker.sh`

## Usage

### Basic Usage 
`./cve_2024_4577_checker.sh -f domains.txt`
- This will scan all domains listed in the domains.txt file.

### Options

- `-f` file: Specify a file containing a list of domains to check (one domain per line)
- `-t` threads: Set the number of concurrent threads (default: 10)
- `-u` user_agent: Set a custom User-Agent string
- `-i`: Run in interactive mode, allowing manual input of domains
- `-h`: Display the help message

### Output

- **At the end of the scan, a summary is displayed showing:**

1. Total number of scanned domains
2. Number of vulnerable domains
3. Number of safe domains
4. Number of domains that timed out

- **Additionally, two files are generated:**

1. A detailed log file (vulnerability_scan_[timestamp].log)
2. An HTML report (vulnerability_report_[timestamp].html)

## Examples

1. Scan domains from a file:

`./cve_2024_4577_checker.sh -f domains.txt`

2. Scan domains with increased concurrency:

`./cve_2024_4577_checker.sh -f domains.txt -t 20`

3. Use a Custom User-Agent:

`./cve_2024_4577_checker.sh -f domains.txt -u "MyCustomUserAgent/1.0"`

4. Run in interactive mode:

`./cve_2024_4577_checker.sh -i`

### License
This project is licensed under the MIT License - see the LICENSE file for details.

### Disclaimer
This tool is for educational and testing purposes only. Always ensure you have permission to scan the target domains. The authors are not responsible for any misuse or damage caused by this program.
File Snapshot

 [4.0K]  /data/pocs/75f291c030c00240e15a6ea841403a80abb49d55
├── [6.0K]  cve_2024_4577_checker.sh
├── [  28]  domains.txt
├── [1.0K]  LICENSE
└── [2.3K]  README.md

0 directories, 4 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →