├── 0ctf-babypass ├── .vscode │ └── c_cpp_properties.json └── pwnlib.c ├── CVE-2016-5771 └── README.md ├── CVE-2019-11043 └── README.md ├── CVE-2023-3824 ├── gen_phar.php └── trigger.php ├── CVE-2024-2961 └── exp.py ├── README.md ├── crash.php ├── n1ctf24-php-master ├── .gitignore ├── Dockerfile ├── README.md ├── conf │ ├── nginx.conf │ ├── php-fpm.conf │ ├── php.ini │ └── www.conf ├── flag ├── solver │ ├── exp.py │ └── uns.php └── source │ ├── composer.json │ ├── composer.lock │ ├── includes │ ├── DataForm.php │ ├── DataFormError.php │ └── FileLogger.php │ ├── index.php │ ├── utils.php │ └── vendor │ ├── autoload.php │ └── composer │ ├── ClassLoader.php │ ├── InstalledVersions.php │ ├── LICENSE │ ├── autoload_classmap.php │ ├── autoload_namespaces.php │ ├── autoload_psr4.php │ ├── autoload_real.php │ ├── autoload_static.php │ ├── installed.json │ └── installed.php ├── php-backtrace-uaf └── fun.php ├── php-json-uaf └── json_uaf.php ├── php-tsrm ├── README.md └── imgs │ ├── 429a5f1bb30ea982fca80b0d3448209c42a9f3e6.jpeg │ ├── 4311ca40a2c2466ca43fae0058fc8047e02fc16a.jpeg │ ├── 8fcb19f5feb751cfb5efcf2a40185e90270dcc35.jpeg │ └── fbb5c18a9fb362134cc687c51dbebf625715532a.jpeg ├── php5-mm ├── README.md └── imgs │ └── ced00121ad512eb991b1afb1c7bf104753c69aa0.png ├── rwctf2019-master-of-php ├── AAAAAAAAAAAAAAAAAAAAAAAAAAAAAA │ └── AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA.zip └── exploit.php └── rwctf2021-master-of-php ├── exp.php └── trigger.php /0ctf-babypass/.vscode/c_cpp_properties.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/m4p1e/php-exploit/HEAD/0ctf-babypass/.vscode/c_cpp_properties.json -------------------------------------------------------------------------------- /0ctf-babypass/pwnlib.c: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/m4p1e/php-exploit/HEAD/0ctf-babypass/pwnlib.c -------------------------------------------------------------------------------- /CVE-2016-5771/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/m4p1e/php-exploit/HEAD/CVE-2016-5771/README.md -------------------------------------------------------------------------------- /CVE-2019-11043/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/m4p1e/php-exploit/HEAD/CVE-2019-11043/README.md -------------------------------------------------------------------------------- /CVE-2023-3824/gen_phar.php: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/m4p1e/php-exploit/HEAD/CVE-2023-3824/gen_phar.php -------------------------------------------------------------------------------- /CVE-2023-3824/trigger.php: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/m4p1e/php-exploit/HEAD/CVE-2023-3824/trigger.php -------------------------------------------------------------------------------- /CVE-2024-2961/exp.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/m4p1e/php-exploit/HEAD/CVE-2024-2961/exp.py -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/m4p1e/php-exploit/HEAD/README.md -------------------------------------------------------------------------------- /crash.php: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/m4p1e/php-exploit/HEAD/crash.php -------------------------------------------------------------------------------- /n1ctf24-php-master/.gitignore: -------------------------------------------------------------------------------- 1 | .gdb_history -------------------------------------------------------------------------------- /n1ctf24-php-master/Dockerfile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/m4p1e/php-exploit/HEAD/n1ctf24-php-master/Dockerfile -------------------------------------------------------------------------------- /n1ctf24-php-master/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/m4p1e/php-exploit/HEAD/n1ctf24-php-master/README.md -------------------------------------------------------------------------------- /n1ctf24-php-master/conf/nginx.conf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/m4p1e/php-exploit/HEAD/n1ctf24-php-master/conf/nginx.conf -------------------------------------------------------------------------------- /n1ctf24-php-master/conf/php-fpm.conf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/m4p1e/php-exploit/HEAD/n1ctf24-php-master/conf/php-fpm.conf -------------------------------------------------------------------------------- /n1ctf24-php-master/conf/php.ini: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/m4p1e/php-exploit/HEAD/n1ctf24-php-master/conf/php.ini -------------------------------------------------------------------------------- /n1ctf24-php-master/conf/www.conf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/m4p1e/php-exploit/HEAD/n1ctf24-php-master/conf/www.conf -------------------------------------------------------------------------------- /n1ctf24-php-master/flag: -------------------------------------------------------------------------------- 1 | flag{xxx} -------------------------------------------------------------------------------- /n1ctf24-php-master/solver/exp.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/m4p1e/php-exploit/HEAD/n1ctf24-php-master/solver/exp.py -------------------------------------------------------------------------------- /n1ctf24-php-master/solver/uns.php: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/m4p1e/php-exploit/HEAD/n1ctf24-php-master/solver/uns.php -------------------------------------------------------------------------------- /n1ctf24-php-master/source/composer.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/m4p1e/php-exploit/HEAD/n1ctf24-php-master/source/composer.json -------------------------------------------------------------------------------- /n1ctf24-php-master/source/composer.lock: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/m4p1e/php-exploit/HEAD/n1ctf24-php-master/source/composer.lock -------------------------------------------------------------------------------- /n1ctf24-php-master/source/includes/DataForm.php: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/m4p1e/php-exploit/HEAD/n1ctf24-php-master/source/includes/DataForm.php -------------------------------------------------------------------------------- /n1ctf24-php-master/source/includes/DataFormError.php: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/m4p1e/php-exploit/HEAD/n1ctf24-php-master/source/includes/DataFormError.php -------------------------------------------------------------------------------- /n1ctf24-php-master/source/includes/FileLogger.php: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/m4p1e/php-exploit/HEAD/n1ctf24-php-master/source/includes/FileLogger.php -------------------------------------------------------------------------------- /n1ctf24-php-master/source/index.php: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/m4p1e/php-exploit/HEAD/n1ctf24-php-master/source/index.php -------------------------------------------------------------------------------- /n1ctf24-php-master/source/utils.php: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/m4p1e/php-exploit/HEAD/n1ctf24-php-master/source/utils.php -------------------------------------------------------------------------------- /n1ctf24-php-master/source/vendor/autoload.php: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/m4p1e/php-exploit/HEAD/n1ctf24-php-master/source/vendor/autoload.php -------------------------------------------------------------------------------- /n1ctf24-php-master/source/vendor/composer/ClassLoader.php: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/m4p1e/php-exploit/HEAD/n1ctf24-php-master/source/vendor/composer/ClassLoader.php -------------------------------------------------------------------------------- /n1ctf24-php-master/source/vendor/composer/InstalledVersions.php: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/m4p1e/php-exploit/HEAD/n1ctf24-php-master/source/vendor/composer/InstalledVersions.php -------------------------------------------------------------------------------- /n1ctf24-php-master/source/vendor/composer/LICENSE: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/m4p1e/php-exploit/HEAD/n1ctf24-php-master/source/vendor/composer/LICENSE -------------------------------------------------------------------------------- /n1ctf24-php-master/source/vendor/composer/autoload_classmap.php: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/m4p1e/php-exploit/HEAD/n1ctf24-php-master/source/vendor/composer/autoload_classmap.php -------------------------------------------------------------------------------- /n1ctf24-php-master/source/vendor/composer/autoload_namespaces.php: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/m4p1e/php-exploit/HEAD/n1ctf24-php-master/source/vendor/composer/autoload_namespaces.php -------------------------------------------------------------------------------- /n1ctf24-php-master/source/vendor/composer/autoload_psr4.php: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/m4p1e/php-exploit/HEAD/n1ctf24-php-master/source/vendor/composer/autoload_psr4.php -------------------------------------------------------------------------------- /n1ctf24-php-master/source/vendor/composer/autoload_real.php: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/m4p1e/php-exploit/HEAD/n1ctf24-php-master/source/vendor/composer/autoload_real.php -------------------------------------------------------------------------------- /n1ctf24-php-master/source/vendor/composer/autoload_static.php: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/m4p1e/php-exploit/HEAD/n1ctf24-php-master/source/vendor/composer/autoload_static.php -------------------------------------------------------------------------------- /n1ctf24-php-master/source/vendor/composer/installed.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/m4p1e/php-exploit/HEAD/n1ctf24-php-master/source/vendor/composer/installed.json -------------------------------------------------------------------------------- /n1ctf24-php-master/source/vendor/composer/installed.php: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/m4p1e/php-exploit/HEAD/n1ctf24-php-master/source/vendor/composer/installed.php -------------------------------------------------------------------------------- /php-backtrace-uaf/fun.php: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/m4p1e/php-exploit/HEAD/php-backtrace-uaf/fun.php -------------------------------------------------------------------------------- /php-json-uaf/json_uaf.php: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/m4p1e/php-exploit/HEAD/php-json-uaf/json_uaf.php -------------------------------------------------------------------------------- /php-tsrm/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/m4p1e/php-exploit/HEAD/php-tsrm/README.md -------------------------------------------------------------------------------- /php-tsrm/imgs/429a5f1bb30ea982fca80b0d3448209c42a9f3e6.jpeg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/m4p1e/php-exploit/HEAD/php-tsrm/imgs/429a5f1bb30ea982fca80b0d3448209c42a9f3e6.jpeg -------------------------------------------------------------------------------- /php-tsrm/imgs/4311ca40a2c2466ca43fae0058fc8047e02fc16a.jpeg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/m4p1e/php-exploit/HEAD/php-tsrm/imgs/4311ca40a2c2466ca43fae0058fc8047e02fc16a.jpeg -------------------------------------------------------------------------------- /php-tsrm/imgs/8fcb19f5feb751cfb5efcf2a40185e90270dcc35.jpeg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/m4p1e/php-exploit/HEAD/php-tsrm/imgs/8fcb19f5feb751cfb5efcf2a40185e90270dcc35.jpeg -------------------------------------------------------------------------------- /php-tsrm/imgs/fbb5c18a9fb362134cc687c51dbebf625715532a.jpeg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/m4p1e/php-exploit/HEAD/php-tsrm/imgs/fbb5c18a9fb362134cc687c51dbebf625715532a.jpeg -------------------------------------------------------------------------------- /php5-mm/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/m4p1e/php-exploit/HEAD/php5-mm/README.md -------------------------------------------------------------------------------- /php5-mm/imgs/ced00121ad512eb991b1afb1c7bf104753c69aa0.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/m4p1e/php-exploit/HEAD/php5-mm/imgs/ced00121ad512eb991b1afb1c7bf104753c69aa0.png -------------------------------------------------------------------------------- /rwctf2019-master-of-php/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/m4p1e/php-exploit/HEAD/rwctf2019-master-of-php/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA.zip -------------------------------------------------------------------------------- /rwctf2019-master-of-php/exploit.php: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/m4p1e/php-exploit/HEAD/rwctf2019-master-of-php/exploit.php -------------------------------------------------------------------------------- /rwctf2021-master-of-php/exp.php: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/m4p1e/php-exploit/HEAD/rwctf2021-master-of-php/exp.php -------------------------------------------------------------------------------- /rwctf2021-master-of-php/trigger.php: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/m4p1e/php-exploit/HEAD/rwctf2021-master-of-php/trigger.php --------------------------------------------------------------------------------