CVE-2024-4577 PoC — Argument Injection in PHP-CGI

Source

https://github.com/ggfzx/CVE-2024-4577

Associated Vulnerability

Title:Argument Injection in PHP-CGI (CVE-2024-4577)
Description:In PHP versions 8.1.* before 8.1.29, 8.2.* before 8.2.20, 8.3.* before 8.3.8, when using Apache and PHP-CGI on Windows, if the system is set up to use certain code pages, Windows may use "Best-Fit" behavior to replace characters in command line given to Win32 API functions. PHP CGI module may misinterpret those characters as PHP options, which may allow a malicious user to pass options to PHP binary being run, and thus reveal the source code of scripts, run arbitrary PHP code on the server, etc.

Readme

# CVE-2024-4577
### 声明

**本工具仅用于个人安全研究学习。由于传播、利用本工具而造成的任何直接或者间接的后果及损失，均由使用者本人负责，工具作者不为此承担任何责任。**

------

PHP

------

NAME:
   PHP-CGI - 命令执行

USAGE:
    [global options] command [command options] [arguments...]

COMMANDS:
   help, h  Shows a list of commands or help for one command

GLOBAL OPTIONS:
   --target_url url, -u url          读取单个目标的url
   
   --target_file File, -f File       从File读取批量读取URL
   
   --target_command value, -c value  执行命令
   
   --output File, -o File            扫描结果输出到File (default: "success.txt")
   
   --proxy url, -p url               代理的url地址
   
   --thread 数量, -t 数量                批量扫描时的线程数量 (default: 20)
   
   --help, -h                        show help
   
------

### 截图
![image](https://github.com/ggfzx/CVE-2024-4577/assets/86279656/5b5240ea-e056-4dc4-a54b-5c06fd615624)

File Snapshot


 [4.0K]  /data/pocs/d99b1a1e33bfed1fba1244a37ddb612049a33545
└── [1.0K]  README.md

0 directories, 1 file

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.

View subscription plans →

Goal Reached Thanks to every supporter — we hit 100%!