https://github.com/CFandR-github/PHP-binary-bugs
PHP binary bugs advisory
https://github.com/CFandR-github/PHP-binary-bugs
Last synced: about 1 month ago
JSON representation
PHP binary bugs advisory
- Host: GitHub
- URL: https://github.com/CFandR-github/PHP-binary-bugs
- Owner: CFandR-github
- Created: 2022-05-22T12:45:16.000Z (about 3 years ago)
- Default Branch: main
- Last Pushed: 2022-07-30T21:35:22.000Z (almost 3 years ago)
- Last Synced: 2024-11-13T19:40:26.746Z (7 months ago)
- Language: Python
- Homepage:
- Size: 1.8 MB
- Stars: 178
- Watchers: 8
- Forks: 32
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
- Awesome-GithubRepos - PHP binary bugs
README
# Advisory of Exploits AI POP Builder
Collection of PHP binary bugs advisory
### Unfixed GMP Type confusion in unserialize
Idea: bypass delayed \_\_wakeup and exploit unfixed GMP type confusion bug in PHP <= 5.6.40
POC source: [GMP_type_conf_POC.php](./GMP_type_conf_unserialize/GMP_type_conf_POC.php)
[Advisory](./GMP_type_conf_unserialize/GMP_type_conf_advisory.md)
### CVE-2022-31626 analysis
Idea: heap buffer overflow in mysqlnd, PHP <= 7.4.29
POC source: [./cve_2022_31626_remote_exploit/exploit_poc.py](./cve_2022_31626_remote_exploit/exploit_poc.py)
[Advisory](./cve_2022_31626_remote_exploit/cve_writeup.md)
# Contacts
Project channel in Telegram:
- [https://t.me/CFandR_project](https://t.me/CFandR_project)