Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2017-9841 PoC — PHPUnit 安全漏洞

Source
https://github.com/mileticluka1/eval-stdin
Associated Vulnerability
Title:PHPUnit 安全漏洞 (CVE-2017-9841)
Description:Util/PHP/eval-stdin.php in PHPUnit before 4.8.28 and 5.x before 5.6.3 allows remote attackers to execute arbitrary PHP code via HTTP POST data beginning with a "<?php " substring, as demonstrated by an attack on a site with an exposed /vendor folder, i.e., external access to the /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php URI.
Description
Automated Exploit for CVE-2017-9841 (eval-stdin.php vulnerable file)
Readme
Util PHP eval-stdin.php (CVE-2017-9841) vulnerability is RCE vulnerability in outdated eval-stdin.php.
This exploit is just automation for mentioned vulnerability and is still in development.

Scripted in Ruby 3.0.4 (within 2 hours), tested on Kali linux, Arch Linux, Ubuntu minimal and Termux.

How to run it?

`ruby evil-eval.rb`

Inside of it, when you type `help` you can see what commands are available such as `revshell`, `checkconnection`, `privesc` which are very, very useful.

When you exit it, you shouldn't do CTRL+C (^C), you can do it by just typing `exit`

DISCLAIMER:

For any misuse or illegal action with this exploit I am totally not responsible.

`Keep calm an 'door the planet`
File Snapshot

 [4.0K]  /data/pocs/b1765681eb2121df5896d133a0fc5b13e8460f39
├── [3.1K]  evil-eval.rb
└── [ 699]  README.md

0 directories, 2 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →