Access Control: PHP 8.1.0-dev - Backdoor Remote Code Execution
Identifier:
php_zerodium_backdoor_rce
Scanner(s) Support
| GraphQL Scanner | REST Scanner | WebApp Scanner |
|---|---|---|
Description
PHP 8.1.0-dev contains a backdoor, dubbed 'zerodiumvar_dump', that can allow the execution of arbitrary PHP code.
Reference:
- https://news-web.php.net/php.internals/113838
- https://flast101.github.io/php-8.1.0-dev-backdoor-rce/
- https://github.com/flast101/php-8.1.0-dev-backdoor-rce/blob/main/revshell_php_8.1.0-dev.py
Configuration
Example
Example configuration:
```yaml
---
security_tests:
  php_zerodium_backdoor_rce:
    assets_allowed:
      - REST
      - GRAPHQL
      - WEBAPP
    skip: false
```
Reference
assets_allowed
Type : List[AssetType]*
List of assets that this check will cover.
skip
Type : boolean
Skip the test if true.