CVE-2017-9841 PoC — PHPUnit 安全漏洞

Source

https://github.com/MrG3P5/CVE-2017-9841

Associated Vulnerability

Title:PHPUnit 安全漏洞 (CVE-2017-9841)
Description:Util/PHP/eval-stdin.php in PHPUnit before 4.8.28 and 5.x before 5.6.3 allows remote attackers to execute arbitrary PHP code via HTTP POST data beginning with a "<?php " substring, as demonstrated by an attack on a site with an exposed /vendor folder, i.e., external access to the /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php URI.

Description

A Tool for scanning CVE-2017-9841 with multithread

Readme

<p align="center">
<img src="https://avatars.githubusercontent.com/u/57594747?s=400&u=da1eec8bf84a62a2ca11230d358dfac0bb000bcd&v=4" alt="png" width="128" height="128"/>
</p>
<p align="center">
<h1 align="center">MASS CVE-2017-9841</h1>
</p>
<p align="center">
<a href="https://github.com/MrG3P5"><img title="Author" src="https://img.shields.io/badge/Author-X MrG3P5-red.svg?style=for-the-badge&logo=github"></a>
</p>
<br>

## Usage

```sh
apt install python3 python3-pip -y
pip3 install -r require.txt
python3 main.py
```

## Preview
![index](https://raw.githubusercontent.com/MrG3P5/CVE-2017-9841/main/Screenshot_2023-03-13_07_41_26.png)

## Reference
https://www.exploit-db.com/exploits/50702

File Snapshot


 [4.0K]  /data/pocs/c0389066aceb08e717d9a00f0fcc21df6a6e4c8f
├── [2.2K]  main.py
├── [ 695]  README.md
├── [  27]  require.txt
└── [217K]  Screenshot_2023-03-13_07_41_26.png

0 directories, 4 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.

View subscription plans →

Goal Reached Thanks to every supporter — we hit 100%!