RickGray / Bypass Php Gd Process To Rce
Reference: http://www.secgeek.net/bookfresh-vulnerability/
Stars: ✭ 113
Labels
Projects that are alternatives of or similar to Bypass Php Gd Process To Rce
Tools
Security and Hacking Tools, Exploits, Proof of Concepts, Shellcodes, Scripts.
Stars: ✭ 1,343 (+1088.5%)
Mutual labels: exploit
H4cker
This repository is primarily maintained by Omar Santos and includes thousands of resources related to ethical hacking / penetration testing, digital forensics and incident response (DFIR), vulnerability research, exploit development, reverse engineering, and more.
Stars: ✭ 10,451 (+9148.67%)
Mutual labels: exploit
Ansvif
A Not So Very Intelligent Fuzzer: An advanced fuzzing framework designed to find vulnerabilities in C/C++ code.
Stars: ✭ 107 (-5.31%)
Mutual labels: exploit
One gadget
The best tool for finding one gadget RCE in libc.so.6
Stars: ✭ 1,306 (+1055.75%)
Mutual labels: exploit
I9300 emmc toolbox
Samsung Galaxy S3 GT-I9300 eMMC toolbox
Stars: ✭ 89 (-21.24%)
Mutual labels: exploit
Hisilicon Dvr Telnet
PoC materials for article https://habr.com/en/post/486856/
Stars: ✭ 101 (-10.62%)
Mutual labels: exploit
Thoron
Thoron Framework is a Linux post-exploitation framework that exploits Linux TCP vulnerability to provide a shell-like connection. Thoron Framework has the ability to create simple payloads to provide Linux TCP attack.
Stars: ✭ 87 (-23.01%)
Mutual labels: exploit
Gitlab rce
RCE for old gitlab version <= 11.4.7 & 12.4.0-12.8.1 and LFI for old gitlab versions 10.4 - 12.8.1
Stars: ✭ 104 (-7.96%)
Mutual labels: exploit
Hackvault
A container repository for my public web hacks!
Stars: ✭ 1,364 (+1107.08%)
Mutual labels: exploit
Ddos Rootsec
DDOS Archive by RootSec (Scanners, BotNets (Mirai and QBot Premium & Normal and more), Exploits, Methods, Sniffers)
Stars: ✭ 108 (-4.42%)
Mutual labels: exploit
Awesome Cryptocurrency Security
😎 Curated list about cryptocurrency security (reverse / exploit / fuzz..)
Stars: ✭ 102 (-9.73%)
Mutual labels: exploit
Bypass-PHP-GD-Process-To-RCE
Description
Use Similar-Block-Attack to bypass PHP-GD process to RCE.
Usage
Usage: php codeinj.php <src_img> <inj_code>
php codeinj.php demo.gif "<?php phpinfo();?>"
then new image "gd_demo.gif" saved in current path.
You can use a quick demo with demo/index.php
, copy that to your test folder and upload gd_demo.gif
or your image to test.
Others
If this script doesn't work well, take it easy please! :P
Reference
Note that the project description data, including the texts, logos, images, and/or trademarks,
for each open source project belongs to its rightful owner.
If you wish to add or remove any projects, please contact us at [email protected].