Share
## https://sploitus.com/exploit?id=A4487122-524E-53B2-99DA-FC9F9FF45B23
# CVE-2018-15133 - Laravel Framework (5.6.x) Vulnerable Lab

This repo provides a reproducible Docker lab for **CVE-2018-15133** (Laravel Framework token unserialize RCE when `APP_KEY` is known).

The app is pinned to a vulnerable Laravel 5.6.x version and exposes a simple `/poc` POST route under the `web` middleware group so CSRF token parsing is triggered.

## Quickstart

```bash
docker compose up -d --build
```

Open:
- `http://localhost:18088/`

## Known APP_KEY

This lab uses a fixed `APP_KEY` (see `env.example`):
- `base64:C9keXyMoHkA4Rg40PHuuZakLSC5rpOF7myjb876DQv0=`

## Validate (example)

Use any PoC that crafts a Laravel-encrypted `X-XSRF-TOKEN` using the known `APP_KEY` (e.g. Nuclei template for CVE-2018-15133).

Example (from a nuclei-templates checkout):

```bash
nuclei \
  -t http/cves/2018/CVE-2018-15133.yaml \
  -u http://localhost:18088 \
  -V app_key=base64:C9keXyMoHkA4Rg40PHuuZakLSC5rpOF7myjb876DQv0= \
  -nc
```

## Cleanup

```bash
docker compose down -v
```