Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

ThinkPHP 5.0.23 - Remote Code Execution

By kannthu

Critical
Vidoc logoVidoc Module
#thinkphp#rce
Description

What is "ThinkPHP 5.0.23 - Remote Code Execution?"

The "ThinkPHP 5.0.23 - Remote Code Execution" module is designed to detect the vulnerability in ThinkPHP 5.0.23 that allows remote code execution. ThinkPHP is a popular PHP framework used for web application development. This vulnerability is classified as critical, indicating its potential to cause significant harm if exploited. The module was created by an undisclosed author.

Impact

If successfully exploited, this vulnerability can allow an attacker to execute arbitrary code remotely on the target system. This can lead to unauthorized access, data breaches, and potential compromise of the entire application or server.

How the module works?

The module sends a POST request to the "/index.php?s=captcha" endpoint with specific headers and parameters. It then applies matching conditions to determine if the target system is vulnerable. The matching conditions include checking for the presence of certain keywords like "PHP Extension," "PHP Version," and "ThinkPHP" in the response body, as well as verifying that the response status code is 200.

By analyzing the response, the module can identify if the ThinkPHP 5.0.23 version is present and potentially vulnerable to remote code execution. If a match is found, the module will report the vulnerability to the user.

Module preview

Concurrent Requests (1)
1. HTTP Request template
POST/index.php?s=captcha
Headers

Content-Type: application/x-www-fo...

Matching conditions
word: PHP Extension, PHP Version, ThinkPHPand
status: 200
Passive global matcher
No matching conditions.
On match action
Report vulnerability