GitBook: [master] one page modified

This commit is contained in:
CPol 2021-07-06 18:09:19 +00:00 committed by gitbook-bot
parent 650cee2e50
commit 47cae5fddd
No known key found for this signature in database
GPG key ID: 07D2180C7B12D0FF

View file

@ -21,6 +21,10 @@ For example, when the CGI script http://mysitename.com/**cgi-bin/file.pl** is ac
The need to develop FastCGI is that Web was arisen by applications' rapid development and complexity, as well to address the scalability shortcomings of CGI technology. To meet those requirements [Open Market](http://en.wikipedia.org/wiki/Open_Market) introduced **FastCGI a high performance version of the CGI technology with enhanced capabilities.**
## RCE \(7.\[123\].x\)
This [**metasploit module**](https://www.rapid7.com/db/modules/exploit/multi/http/php_fpm_rce/) exploits an underflow vulnerability in versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11 of **PHP-FPM on Nginx**.
## disable\_functions bypass
It's possible to run PHP code abusing the FastCGI and avoiding the `disable_functions` limitations.