漏洞描述
The web application was built on the Laravel framework, with Laravel Terminal enabled and publicly accessible; this was detected in the production environment and led to disclosure of sensitive application information.
laravel-terminal-exposure: Laravel Terminal - Exposed
PoC代码[已公开]
id: laravel-terminal-exposure
info:
name: Laravel Terminal - Exposed
author: pussycat0x
severity: high
description: |
The web application was built on the Laravel framework, with Laravel Terminal enabled and publicly accessible; this was detected in the production environment and led to disclosure of sensitive application information.
reference:
- https://github.com/recca0120/laravel-terminal
- https://www.acunetix.com/vulnerabilities/web/laravel-terminal-open/
metadata:
max-request: 1
verified: false
tags: laravel,terminal,exposure,misconfig,rce
http:
- method: GET
path:
- "{{BaseURL}}/asf/terminal"
matchers-condition: and
matchers:
- type: word
part: body
words:
- "Laravel Terminal"
- "terminal.endpoint"
condition: or
- type: status
status:
- 200
# digest: 4b0a00483046022100d662b5dc63e59a4baf3dfbb8169ac9711e180b884941489be12dfd45340cc6c5022100a3f83e45d10791af826a3b0733b97bf4387a8e131dc2fa30a1c91a74b49ab7f4:922c64590222798bb761d5b6d8e72950