Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

ThinkPHP 2/3 - Remote Code Execution

By kannthu

Vidoc logoVidoc Module

What is "ThinkPHP 2/3 - Remote Code Execution?"

The "ThinkPHP 2/3 - Remote Code Execution" module is designed to detect a vulnerability in ThinkPHP 2.x and 3.0 in Lite mode. This vulnerability allows remote attackers to execute arbitrary code by exploiting the "s" parameter. The severity of this vulnerability is classified as critical.

This module was authored by dr_set.


If successfully exploited, this vulnerability can have severe consequences. Attackers can execute malicious code, gain unauthorized access to sensitive information, manipulate data, and take full control of compromised systems without the need for valid credentials.

How the module works?

The module sends an HTTP GET request to the target with a specific path parameter. For example:


The module then applies matching conditions to the response to determine if the vulnerability is present. The matching conditions include:

- Checking if the response contains the words "PHP Extension," "PHP Version," and "ThinkPHP." - Verifying that the response status code is 200.

If all matching conditions are met, the module reports the vulnerability.

For more information, refer to the reference.

Module preview

Concurrent Requests (1)
1. HTTP Request template
Matching conditions
word: PHP Extension, PHP Version, ThinkPHPand
status: 200
Passive global matcher
No matching conditions.
On match action
Report vulnerability