inurl:?XDEBUG_SESSION_START=phpstorm

  • 日期:2021-01-26
  • 类别:
  • 作者:Lutzenfried
  • 语法:inurl:?XDEBUG_SESSION_START=phpstorm

  • #Google Dork :

    inurl:?XDEBUG_SESSION_START

    #Summary:

    Xdebug is a php extension that allows to debug php pages, remotely by using DGBp protocol.
    - Code execution is possible through eval or property_set xdebug commands.
    - Attacker is also able to read content of file using source xdebug command

    #Date : 24/01/2021
    #Exploit Author : Lutzenfried (ClémentCruchet)

    Thanks,

    Lutzenfried (Clément Cruchet)