Add PoC exploit for CVE-2018-15133

Add a PoC exploit for CVE-2018-15133, remote command execution via improper deserialization of the X-Xsrf-Token header in Laravel Framework through 5.5.40 and 5.6.x through 5.6.29.

Reference PoCs

https://github.com/aljavier/exploit_laravel_cve-2018-15133/blob/main/pwn_laravel.py
https://github.com/Prabesh01/Laravel-PHP-Unit-RCE-Auto-shell-uploader/blob/master/rce.sh (simple curl command)
https://github.com/kozmic/laravel-poc-CVE-2018-15133/blob/master/cve-2018-15133.php (written in PHP?!)

Vuln App

https://github.com/kozmic/laravel-poc-CVE-2018-15133

How to Submit a PoC

See the CONTRIBUTING file for instructions on how to submit a PoC exploit.

ronin-rb / community-pocs

Add PoC exploit for CVE-2018-15133 #38

Reference PoCs

Vuln App

How to Submit a PoC