Hundreds of millions of people using everyday platforms could be at risk. One of the most popular server-side web programming languages, Hypertext Preprocessor (PHP) was discovered to be at high risk for attacks. Patches for high-severity vulnerabilities have been released. Without a protective system like a smart WAF or a patch in place, those vulnerabilities could open the door for remote attacks that compromise servers through arbitrary code execution.

Today we will explore an exciting method to remotely execute code even if an administrator set disable_functions in the PHP configuration file. It works at most popular UNIX-like systems. CVE-2018–19518 was assigned to the vulnerability was found by a man with the @crlf nickname. Let’s see details of that vulnerability and how can we exploit it. Testing Environment For testing manipulations, we need to up a testing environment. I’ll use docker container with Debian 9…