==================================================================== == Subject: Laravel RCE with APP_KEY leaked == CVE ID#: CVE-2018-15133 == Versions: Laravel 5.6.29 application on PHP 7.2.10 == Summary: Laravel CVE-2018-15133 https://github.com/kozmic/laravel-poc-CVE-2018-15133 This repository contains a simple Laravel 5.6.29 application on PHP 7.2.10 with one basic noop route added in routes/web.php (see Dockerfile) and Proof of Concept exploit (cve-2018-15133.php) for CVE-2018-15133 that should successfully exploit the Laravel application and execute uname -a on the target system. ==================================================================== 看起來有一些人晚上又不睡覺了 -- ※ 發信站: 批踢踢實業坊(ptt.cc), 來自: 106.1.224.240 ※ 文章網址: https://www.ptt.cc/bbs/NetSecurity/M.1544676458.A.4FC.html