search

ambionics / phpggc

PHPGGC is a library of PHP unserialize() payloads along with a tool to generate them, from command line or programmatically.
https://ambionics.io/blog
Apache License 2.0
3.2k stars 492 forks source link

Add CodeIgniter4 FR1 #152

Closed ByQwert closed 1 year ago

ByQwert commented 1 year ago

Update CodeIgniter4 versions.

Add CodeIgniter4 File read gadget. https://github.com/codeigniter4/CodeIgniter4/blob/v4.3.6/system/View/Cells/Cell.php#L119

Possible RCE, because of the include() function: https://github.com/codeigniter4/CodeIgniter4/blob/v4.3.6/system/View/Cells/Cell.php#L110

Update README.md gadgets list.

cfreal commented 1 year ago

Hello !

I've changed the payload type to file include, a GC type that didn't exist before. Your GC is now under CodeIgniter4/FI1.

Thanks ! Charles