dompdf-rce
dompdf-rce copied to clipboard
positive-security
RCE exploit for dompdf
The exploit server should not be php, otherwise, it will just execute phpinfo on the attacker side, use a python HTTP server instead Please fix this as this is misleading
Using this in a CTF and in the README you use PHP to host the css and php file for the exploit. In order for this exploit to work you...
When cloning into the application, the file already is in the fonts folder: `application/dompdf/lib/fonts/exploitfont_normal_3f83639933428d70e74a061f39009622.php` If you delete this file so that the server is like it would be on a...
