Fixed PHP Code Gadget Chains: Doctrine/RCE1 | Horde/RCE1 | Laravel/RCE5 | PHPSecLib/RCE1 | Symfony/RCE3 | ZendFramework/RCE1 | ZendFramework/RCE4 #159
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
Hello nowak0x01, While refactoring I forgot to add parameters to Thanks for noticing the bug ! |
ricardojba
added a commit
to ricardojba/poi-slinger
that referenced
this pull request
Dec 20, 2023
# Add: Drupal7/RCE1 (update info) Laravel/RCE17 Laravel/RCE18 Laravel/RCE19 Laravel/RCE20 CodeIgniter4/RCE3 WordPress/RCE1 WordPress/RCE2 # Fix: Doctrine/RCE1 | Horde/RCE1 | Laravel/RCE5 | PHPSecLib/RCE1 | Symfony/RCE3 | ZendFramework/RCE1 | ZendFramework/RCE4 # Ref: ambionics/phpggc#159
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Hello, when attempting to utilize any of the following PHP Code Gadget Chains
Doctrine/RCE1 Horde/RCE1 Laravel/RCE5 PHPSecLib/RCE1 Symfony/RCE3 ZendFramework/RCE1 ZendFramework/RCE4The message "ERROR: Invalid arguments for type "RCE: PHP Code"" was received.
Generating these PHP Code gadget chains was only feasible without passing any arguments, necessitating direct editing within the PHP object.
The solution that proved effective was adding this code snippet to the
chain.phpfiles located atgadgetchains/{gadget}/RCE/{id}/chain.phpwhen generating the gadgets:public static $parameters = ['code'];