This exploit leverages a PHP memory exhaustion vulnerability to perform a Denial of Service (DoS) attack. It sends a base64-encoded payload via the 'Accept-Language' header, which is then decoded and executed on the target server, consuming memory and causing the server to crash or become unresponsive.
Classification
Working Poc 90%
Target:
PHP (version not specified, likely older versions with SAFE_MODE)
No auth needed
Prerequisites:
Target server running vulnerable PHP version · Network access to the target server · fsockopen function enabled on the attacker's server