CVE-2021-3129

This exploit leverages Laravel's debug mode to achieve remote code execution by manipulating log files through deserialization and PHP filter chains. It uses phpggc to generate a malicious payload and exploits the Ignition component's vulnerability.

This repository contains a functional exploit for CVE-2021-3129, a Laravel Ignition RCE vulnerability. The exploit leverages deserialization via PHAR files and log file manipulation to achieve remote code execution on vulnerable Laravel applications.

This repository contains a functional exploit for CVE-2021-3129, a Laravel Ignition RCE vulnerability. It includes multiple gadget chains for different frameworks (Laravel, Monolog, etc.) and a Python script to automate the exploitation process.

This repository contains a functional exploit for CVE-2021-3129, targeting Laravel applications with deserialization vulnerabilities. The script includes multiple exploit chains for RCE and provides automated testing via Docker.

This repository contains a functional exploit for CVE-2021-3129, a Laravel debug mode RCE vulnerability. It includes a Docker environment for replication and an exploit script that leverages PHP deserialization via phar files and Laravel's Ignition debug tool.

This repository contains a functional exploit for CVE-2021-3129, targeting Laravel's Ignition component. The exploit leverages a deserialization vulnerability to achieve remote code execution by manipulating the 'solution' and 'parameters' fields in a POST request.

This repository contains a functional exploit for CVE-2021-3129, a Laravel Ignition RCE vulnerability. The exploit leverages PHAR deserialization via log file manipulation to achieve remote code execution.

This repository contains a functional exploit for CVE-2021-3129, a Laravel Ignition deserialization vulnerability leading to RCE. The PoC leverages PHP gadget chains (Monolog RCE5) and phar deserialization to execute arbitrary commands on vulnerable Laravel installations.

This repository contains a functional exploit for CVE-2021-3129, targeting Laravel Debug mode RCE. The script automates the exploitation process, including vulnerability detection and payload delivery to achieve remote code execution.

This repository contains a functional exploit for CVE-2021-3129, a Laravel deserialization vulnerability leading to RCE. It includes a Dockerized environment for both victim and attacker, with a Python script that automates the exploitation process using PHPGGC gadget chains.

This repository contains a functional exploit for CVE-2021-3129, a Laravel Ignition RCE vulnerability. The exploit automates PHAR deserialization via log poisoning, leveraging phpggc for payload generation and executing arbitrary commands on vulnerable Laravel applications.

This repository contains a functional exploit for CVE-2021-3129, targeting Laravel's Ignition component via deserialization. It includes multiple gadget chains for RCE and a Python script to automate the exploitation process.

This repository contains a Python-based scanner for detecting CVE-2021-3129, a Laravel debug mode vulnerability. It checks for the presence of the '/_ignition/health-check' endpoint and verifies if command execution is enabled.

This repository contains a functional exploit for CVE-2021-3129, targeting Laravel applications with debug mode enabled. The exploit leverages deserialization via PHAR files and Laravel Ignition's debug endpoint to achieve remote code execution (RCE).

This repository contains a functional exploit for CVE-2021-3129, targeting Laravel's Ignition component via deserialization. It includes multiple gadget chains for RCE and a Python script to automate the exploitation process.

This repository contains a functional exploit for CVE-2021-3129, a Laravel deserialization vulnerability. The exploit leverages PHPGGC gadget chains to achieve remote code execution (RCE) by manipulating Laravel's Ignition error page and log file handling.

This repository contains a functional exploit for CVE-2021-3129, targeting Laravel <= 8.4.2 in debug mode. The exploit leverages deserialization via PHPGGC chains to achieve remote code execution (RCE) by manipulating Laravel's Ignition debug interface.

This repository contains a functional exploit for CVE-2021-3129, a Laravel deserialization vulnerability leading to RCE. The exploit uses phpggc gadget chains to generate malicious payloads and leverages Laravel's Ignition debug mode to execute arbitrary commands.

This repository contains a functional exploit for CVE-2021-3129, targeting Laravel's Ignition component via deserialization. The PoC leverages PHPGGC to generate gadget chains for RCE, using phar deserialization and log file manipulation.

This repository contains a functional exploit for CVE-2021-3129, an unauthenticated RCE vulnerability in Laravel <8.4.2 when debug mode is enabled. The exploit leverages deserialization via PHPGGC to achieve remote command execution.

This repository contains a functional exploit for CVE-2021-3129, targeting Laravel applications. The exploit leverages a deserialization vulnerability in the Ignition component to achieve remote code execution (RCE) by writing malicious payloads to log files.

This repository contains a functional exploit for CVE-2021-3129, targeting Laravel Ignition's deserialization vulnerability. It includes fingerprinting, debug mode detection, and an interactive RCE exploit using PHAR deserialization via the Monolog/RCE1 gadget chain.

This repository contains a functional exploit for CVE-2021-3129, a Laravel RCE vulnerability. The script provides an interactive shell to execute commands, clear logs, and patch the vulnerability on the target system.

This repository contains a functional exploit for CVE-2021-3129, targeting Laravel Ignition's deserialization vulnerability. The exploit leverages PHP's phar deserialization to achieve remote code execution (RCE) by manipulating log files and using PHP filters.

This repository contains a multi-threaded scanner for detecting Laravel applications vulnerable to CVE-2021-3129 by checking for specific paths and error responses. It does not include exploit code but identifies potentially vulnerable targets.

This repository contains a functional exploit for CVE-2021-3129, a Laravel Ignition RCE vulnerability. The script automates the exploitation process by generating PHP gadget chains, triggering errors, and executing arbitrary commands via deserialization.

This repository contains a functional exploit for CVE-2021-3129, targeting Laravel's Ignition component via deserialization. The exploit generates PHAR-based gadget chains to achieve remote code execution (RCE) by leveraging Laravel's debug mode and log file manipulation.

This repository contains a bash script that scans for CVE-2021-3129, a Laravel Debug RCE vulnerability, by checking for the presence of the '/_ignition/execute-solution' endpoint. It does not exploit the vulnerability but detects potentially vulnerable targets.

This repository contains a functional exploit for CVE-2021-3129, a Laravel RCE vulnerability. The exploit leverages deserialization via PHPGGC gadget chains to achieve remote code execution on vulnerable Laravel applications.

This repository contains a functional exploit for CVE-2021-3129, targeting Laravel's Ignition debug mode. The exploit leverages deserialization via PHAR files and includes multiple gadget chains for different frameworks (e.g., Laravel, Monolog, CodeIgniter4).

This repository contains a functional exploit for CVE-2021-3129, which targets Laravel's debug mode to achieve remote code execution (RCE) via PHAR deserialization. The exploit leverages Laravel Ignition's vulnerability to write malicious PHAR files to the log directory and trigger their deserialization.

This repository contains a functional exploit for CVE-2021-3129, a Laravel Debug mode RCE vulnerability. The exploit leverages PHP deserialization via phar files and Monolog gadget chains to achieve remote code execution.

This repository contains a functional exploit for CVE-2021-3129, an unauthenticated RCE vulnerability in Laravel <8.4.2 when debug mode is enabled. The exploit leverages Laravel's Ignition component and PHP deserialization via PHPGGC to achieve remote command execution.

This Metasploit module exploits an unauthenticated RCE vulnerability in Laravel's Ignition debug mode (CVE-2021-3129) by manipulating log files and leveraging PHP deserialization via phar archives.