Some of my exploits.
Twitter: @cfreal_
Some of my exploits.
Some of my exploits.
Twitter: @cfreal_
Hi!
I get an "UAF failed, exiting." error, with Apache 2.4.18 and PHP 7.0.4.
Thanks!
CARPE (DIEM) ~ CVE-2019-0211
PID: 6498
Fetching addresses
zend_object_std_dtor: 0x7f3b41351f80
system: 0x7f3b44212390
libaprX: 0x7f3b447b4000-0x0x7f3b447e5000
libaprR: 0x7f3b449e4000-0x0x7f3b449e5000
shm: 0x7f3b44f7e000-0x0x7f3b44f91000
apache: 0x7f3b44fd2000-0x0x7f3b450a2000
Obtaining apache workers PIDs
Found apache worker: 2280
Found apache worker: 2576
Found apache worker: 6495
Found apache worker: 6496
Found apache worker: 6497
Found apache worker: 6498
Found apache worker: 6500
Found apache worker: 7296
Found apache worker: 7437
Got 9 PIDs.
Triggering UAF
Creating room and filling empty spaces
Allocating $abc and $p
Unsetting both variables and setting $protector
Creating DateInterval object
UAF failed, exiting.
test@test:/var/www/html$ php -v
php -v
PHP 7.0.4-7ubuntu2 (cli) ( NTS )
Copyright (c) 1997-2016 The PHP Group
Zend Engine v3.0.0, Copyright (c) 1998-2016 Zend Technologies
with Zend OPcache v7.0.6-dev, Copyright (c) 1999-2016, by Zend Technologies
test@test:/var/www/html$ apache2ctl -v
apache2ctl -v
Server version: Apache/2.4.18 (Ubuntu)
Server built: 2016-04-15T18:00:57
Please, consider adding an open source license file to this project.
I am wondering the mechanism to reverse this exploit, as if I use this as a PoC against my own server how to I revert the escalation without rolling back to a previous version? How would an incident response team work to remediate this if exploited?
Assuming it is just to change the permissions of python back to what they were before without the suid being 0. It would be good to add that to the documentation for Incident Response or Admin teams who may want to test and fix.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.