Skip to content
This repository has been archived by the owner on Mar 4, 2021. It is now read-only.
/ WP-Object-Injection-PoC Public archive

This is a simple plugin to help in PoC's of PHP Object Injection in Wordpress.

License

GPL-3.0 license
1 star 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

growlnx/WP-Object-Injection-PoC

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

21 Commits
LICENSE
LICENSE
 
 
README.md
README.md
 
 
objectInjectionPoC.php
objectInjectionPoC.php
 
 

Repository files navigation

WP Object Injection Proof of Concept

This is a simple plugin to help in PoC's of PHP Object Injection in Wordpress.

How use

First download the WP-Object-Injection-PoC plugin on your "wp-content/plugin" directory and then activate in your wordpress dashboard.

Now you can easily do the PoC of insecure deserialization without worrying about POP chains.

Payload Example

echo serialize(new OI());
// O:2:"OI":2:{s:3:"fcn";s:6:"system";s:3:"cmd";s:2:"id";}

References

About

This is a simple plugin to help in PoC's of PHP Object Injection in Wordpress.

Topics

php wordpress-plugin proof-of-concept code-reuse-attack object-injection

Resources

Readme

License

GPL-3.0 license
Activity

Stars

1 star

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages