imagecolormatch() OOB Heap Write exploit
My binary exploit for CVE-2019-6977. Bug found by Simon Scannell from RIPS.
PHP bug is here. Helps you bypass PHP's disable_functions INI directive.
I commented a lot to help people that are new to binary PHP exploitation. Hope this helps.
Nenuphar.ce: 0x7fe834a10018
Nenuphar2.ce: 0x7fe834a10d70
Nenuphar.properties: 0x7fe834a01230
z.val: 0x7fe834aaea18
Difference: 0xad7e8
Exploit SUCCESSFUL !