Awesome
FuckFastCGI
Description
This is a php script to exploit fastcgi protocol to bypass open_basedir
and disable_functions
.
It will help you to bypass strict disable_functions
to RCE by loading the malicious extension.
Usage
- set the config of
index.php
- unix socket path / tcp host
- port
- extension dir path
- extension name
- prepend file
- ...
- upload this script and your malicious extension to the target machine
- enjoy it!