Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

MySql and FastCGI null byte error payload error #21

Open
GeniusGeeek opened this issue Apr 13, 2024 · 2 comments
Open

MySql and FastCGI null byte error payload error #21

GeniusGeeek opened this issue Apr 13, 2024 · 2 comments

Comments

@GeniusGeeek
Copy link

A php website vunerable to SSRF using the curl_setopt() function to load files will throw this error due to the null byte in the generated url when using the payload url generated by exploit MySql and exploit FastCGI

PHP Fatal error: Uncaught ValueError: curl_setopt(): cURL option must not contain any null bytes
making the attack void
@dang178
Copy link

dang178 commented Apr 16, 2024

you should second urlencode strings

@GeniusGeeek
Copy link
Author

alright, issue resolved. The fastCGI, it is unclear how the session of RCE is to be gotten, example ls given as command how will the result of ls be gotten?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@dang178 @GeniusGeeek