From 0ba120e2500065f9909bddd41b5b3fd604d3d7d0 Mon Sep 17 00:00:00 2001 From: Swissky <12152583+swisskyrepo@users.noreply.github.com> Date: Wed, 23 Jun 2021 22:14:55 +0200 Subject: [PATCH] Fix #382 --- Insecure Deserialization/PHP.md | 1 - .../CVE-2021-22204_exiftool_echo.jpg | Bin 0 -> 681 bytes .../CVE-2021-22204_exiftool_revshell.jpg | Bin 0 -> 738 bytes 3 files changed, 1 deletion(-) create mode 100644 Upload Insecure Files/Picture Metadata/CVE-2021-22204_exiftool_echo.jpg create mode 100644 Upload Insecure Files/Picture Metadata/CVE-2021-22204_exiftool_revshell.jpg diff --git a/Insecure Deserialization/PHP.md b/Insecure Deserialization/PHP.md index 14bc206..08e002e 100644 --- a/Insecure Deserialization/PHP.md +++ b/Insecure Deserialization/PHP.md @@ -189,7 +189,6 @@ $poc->stopBuffering(); ## References * [PHP Object Injection - OWASP](https://www.owasp.org/index.php/PHP_Object_Injection) -* [PHP Object Injection - Thin Ba Shane](http://location-href.com/php-object-injection/) * [PHP unserialize](http://php.net/manual/en/function.unserialize.php) * [PHP Generic Gadget - ambionics security](https://www.ambionics.io/blog/php-generic-gadget-chains) * [POC2009 Shocking News in PHP Exploitation](https://www.owasp.org/images/f/f6/POC2009-ShockingNewsInPHPExploitation.pdf) diff --git a/Upload Insecure Files/Picture Metadata/CVE-2021-22204_exiftool_echo.jpg b/Upload Insecure Files/Picture Metadata/CVE-2021-22204_exiftool_echo.jpg new file mode 100644 index 0000000000000000000000000000000000000000..17345471328533dc660101d6ed1faa05a58f5262 GIT binary patch literal 681 zcmZ<^Q44YN5AtPTU|#Ry73S;W31TzoH8L;(DK{Wq^Z)<7{WBF5PfYZC&BHE#=~l;! z>}M|gI)zN{JTK=>-Mi?pl0C!(hB%-Jp`Lzj{y=S93>*v`5)3H}Vho;s&OSg9{^E?p zqSTc5#Js$Gz09;U1}AqD6QH;tgBK$cNOjkISsNFoCRV}M3(YDr>BVo4$wr-pNWL1j^9dPa$YQVf@pf}TQQMRjU&M!rH>Vs=%P df}MUzZh=0ST?>>1DM?aL(p1n?7zKkr1OQaEe3SqH literal 0 HcmV?d00001 diff --git a/Upload Insecure Files/Picture Metadata/CVE-2021-22204_exiftool_revshell.jpg b/Upload Insecure Files/Picture Metadata/CVE-2021-22204_exiftool_revshell.jpg new file mode 100644 index 0000000000000000000000000000000000000000..eca7e9bef720737144ac315befdabbde540b64bc GIT binary patch literal 738 zcmZ<^Q44YN5AtPTU|#Ry73S;W31TzoH8L;(DK{Wq^Z)<7{WBF5PfYZC&BHE#=~l;! z>}M|gI)zN{JTK=>-Mi?pl0C!(hB%-Jp`Lzj{y=S93>*v`5)3H}Vho;s&OSg9{^E?p zqSTc5#Js$Gz09;U1}AqD6QH;tgBK$cNOjkISsNFoCRV}M3(YDr>BVo4$wr-pNWL1j^9dPa$YQVf@pf}TQQMRifGf__PEfqt5G zZgyH`T0V@IoLB;7*61f?=IIw_DClM?7}=>A*5oBC7#f-D833W7f{Brdk%Aq>2nDrT VprIh6lN6LR6*Lt_!Qc-8E&$Sxi(mi% literal 0 HcmV?d00001