Skip to content

Instantly share code, notes, and snippets.

@dg
Last active December 22, 2020 16:28
Show Gist options
  • Save dg/be0f26b31be15a2f1b1208a1714bf415 to your computer and use it in GitHub Desktop.
Save dg/be0f26b31be15a2f1b1208a1714bf415 to your computer and use it in GitHub Desktop.
CVE-2020-15227 nette/application RCE in-place patch
<?php
# In-place apply the CVE-2020-15227 nette/application patch
# This is a universal patcher for all affected versions.
# Run with `php patch-CVE-2020-15227.php`
# Inspiration: @spazef0rze
$dir = __DIR__;
$iterator = new RecursiveDirectoryIterator($dir);
$iterator = new RecursiveIteratorIterator($iterator);
// find all MicroPresenter.php files
foreach ($iterator as $file) {
if ($file->getFileName() !== 'MicroPresenter.php') {
continue;
}
$orig = file_get_contents((string) $file);
// apply patch to code
$patched = str_replace(
'if (!isset($params[\'callback\'])) {',
'if (!isset($params[\'callback\']) || !$params[\'callback\'] instanceof \Closure) { // patched to fix CVE-2020-15227',
$orig
);
if ($orig === $patched) {
continue;
}
// create a backup file with a suffix
file_put_contents("$file-nette-autoupdate-backup", $orig);
// replace original file
file_put_contents((string) $file, $patched);
echo "patched: $file\n";
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment