October 8, 2021 at 10:20AM

■■■□□ Exploit: PHP 7.0-8.0 disable_functions bypass [user_filter].

This exploit uses a bug reported over 10 years ago by Christian Holler. As usual, the PoC was tested on various php builds for Debian/Ubuntu/CentOS/FreeBSD with cli/fpm/apache2 server APIs and found to work reliably.

https://github.com/mm0r1/exploits/tree/master/php-filter-bypass

twitter.com/mozdeco

https://t.me/cKure/9688