#!/usr/bin/python
# Description: LimeSurvey < 316 uses an old version of the "TCPDF" library; this version is vulnerable to a Serialization Attack via the "phar://" wrapper
# Date: 29/03/2019
# Exploit Title: Remote Code Execution in LimeSurvey < 316 via Serialization Attack in TCPDF
# Exploit Author: @q3rv0
# Google Dork:
# Version: < 316 ...
Goal of this repo is to convert exploit-db python2 scripts to python3
py2to3
led | 10th March, 2021
The purpose of this repo is to convert python2 exploits and scripts to python, as support for python2 has been dropped
Table of contents
CVE-2020-25213
CVE-2018-17057
CVE-2020-25213
The File Manager (wp-file-manager) plugin before 69 for WordPress allows remote attackers to upload and execute arbitrary PHP code because it renames an unsafe exa
Chaos Communication Camp 2019 Web PDFCreator
Challenge details
A pdf conversion service. What could go wrong?
Topics tested
TCPDF CVE-2018-17057
Deserialization
Setup
docker-compose up -d
open 127.0.0.1:4539/
Writeup
teamrocketist.github.io/2019/08/25/Web-Chaos-Communication-Camp-2019-CTF-pdfcreator/
Notes
The flag is stored in file