Access Control: ThinkPHP ⅔ - Remote Code Execution¶

Identifier: thinkphp_2_rce

Scanner(s) Support¶

GraphQL Scanner	REST Scanner	WebApp Scanner

Description¶

ThinkPHP 2.x and 3.0 in Lite mode are susceptible to remote code execution via the s parameter. An attacker can execute malware, obtain sensitive information, modify data, and/or gain full control over a compromised system without entering necessary credentials.

Reference:

https://github.com/vulhub/vulhub/tree/0a0bc719f9a9ad5b27854e92bc4dfa17deea25b4/thinkphp/2-rce

Configuration¶

Example¶

Example configuration:

---
security_tests:
  thinkphp_2_rce:
    assets_allowed:
    - REST
    - GRAPHQL
    - WEBAPP
    skip: false

Reference¶

`assets_allowed`¶

Type : List[AssetType]*

List of assets that this check will cover.

`skip`¶

Type : boolean

Skip the test if true.