Share
## https://sploitus.com/exploit?id=35896337-DA85-5D42-B9FC-4DF2E3EC881E
<h1 align="center">Remote Code Execution: Laravel (CVE-2021-3129)</h1>

<p align="center">
    <img src="https://api.visitorbadge.io/api/visitors?path=https%3A%2F%2Fgithub.com%2Fjoshuavanderpoll%2FCVE-2021-3129&label=Views&countColor=%2337d67a" />
    <a href="https://www.python.org/">
      <img src="https://img.shields.io/badge/python-3670A0?style=for-the-badge&logo=python&logoColor=ffdd54" alt="Python">
    </a>
</p>

## ๐Ÿ“œ Description 
This script is designed to exploit the Remote Code Execution (RCE) vulnerability identified in several Laravel versions, known as CVE-2021-3129. By leveraging this vulnerability, the script allows users to write and execute commands on a target website running a vulnerable Laravel instance, provided that the "APP_DEBUG" configuration is set to "true" in the ".env" file.

## ๐Ÿ“š Table of Contents
- ๐Ÿ“œ [Description](#-description)
- ๐Ÿ› ๏ธ [Installation](#๏ธ-installation)
- โš™๏ธ [Usage](#๏ธ-usage)
- ๐Ÿ‹ [Docker POC](#-docker-poc)
- ๐Ÿ’ป [Example](#-example)
- ๐Ÿฉน [Patch options](#-patch-options)
- ๐Ÿ’ก [Contributing to the project](#-contributing-to-the-project)
- ๐Ÿ•ต๐Ÿผ [References](#-references)
- ๐Ÿ“ข [Disclaimer](#-disclaimer)

## ๐Ÿ› ๏ธ Installation
> [!NOTE]
> To ensure a clean and isolated environment for the project dependencies, it's recommended to use Python's `venv` module.

### iOS/Linux
```bash
$ git clone https://github.com/joshuavanderpoll/CVE-2021-3129.git
$ cd CVE-2021-3129
$ python3 -m venv .venv
$ source .venv/bin/activate
$ pip3 install -r requirements.txt
```

### Windows
```bash
$ git clone https://github.com/joshuavanderpoll/CVE-2021-3129.git
$ cd CVE-2021-3129
$ python -m venv .venv 
$ .venv\Scripts\activate
$ pip3 install -r requirements.txt
```

## โš™๏ธ Usage
![Usage](/assets/usage.jpg)

## ๐Ÿ‹ Docker POC
```bash
$ docker build -t laravel_vulnerable .
$ docker run -p 8000:8000 laravel_vulnerable
```

## ๐Ÿ’ป Example
![Example](/assets/example.jpg)

## ๐Ÿฉน Patch options
- ``env`` (Updates the .env file to set APP_DEBUG to false)
- ``index`` (Injects code into index.php which prevents access to "/_ignition/execute-solution")
- ``private`` (Same as the index option, but allows specific header to access "_ignition/execute-solution")
  
## ๐Ÿ’ก Contributing to the project
To contribute, first fork this repository, and `clone` it. Make your changes, whether you're fixing bugs, adding features, or improving translations. When done, `commit` your changes, `push` them, and submit a `pull request` for review to this repostiroy.

### Issues
If you're reporting an issue, make sure to include your `Python version` (python --version), your `PHP version` (php --version), and any relevant command input, and output.

### Translations
For translation contributions, take a look at the `lang/` folder to add or update translations for different languages.

## ๐Ÿ•ต๐Ÿผ References
- https://github.com/ambionics/phpggc

## ๐Ÿ“ข Disclaimer
This tool is provided for educational and research purposes only. The creator assumes no responsibility for any misuse or damage caused by the tool.