Old news but. PHPMyAdmin remote execution

Kommentieren Jun 19 2009 .txt, .json, .md

Ist zwar schon eine Woche her, aber nicht jeder hat seinen phpmyadmin aktualisert…

I think this vulnerability is a nice reminder that it’s still possible to perform remote command execution these days without relying on SQL injection (i.e.: xp_cmdshell) or a memory corruption bug (i.e.: heap overflow).

After reading the public advisory and patched code, and playing around for a while, I managed to have a working PoC bash script. The script will allow you to remotely run shell commands and PHP code against vulnerable targets. Although in principle the vulnerability sounds quite simple, it actually took me a while to go from advisory to working attack code.

CVE-2009-1151: phpMyAdmin Remote Code Execution Proof of Concept