.. / CVE-2014-2383

Exploit for Dompdf < v0.6.0 - Local File Inclusion (CVE-2014-2383)

Description:

A vulnerability in dompdf.php in dompdf before 0.6.1, when DOMPDF_ENABLE_PHP is enabled, allows context-dependent attackers to bypass chroot protections and read arbitrary files via a PHP protocol and wrappers in the input_file parameter, as demonstrated by a php://filter/read=convert.base64-encode/resource in the input_file parameter.

Proof of Concept

PoC exploit

Nuclei Template

View the template here CVE-2014-2383.yaml

Validate with Nuclei

echo "$URL" | nuclei -t ~/nuclei-templates/http/cves/2014/CVE-2014-2383.yaml

Try the exploit in a lab environment:

Lab	Machine	Link
Hack The Box	Inception	Go to Practice

References:

https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-2383/
https://wpscan.com/vulnerability/1d64d0cb-6b71-47bb-8807-7c8350922582
http://seclists.org/fulldisclosure/2014/Apr/258
https://www.exploit-db.com/exploits/33004
https://nvd.nist.gov/vuln/detail/CVE-2014-2383

.. / CVE-2014-2383 if(localStorage["style"]=="true"){ document.getElementById('pagestyle').setAttribute('href','/assets/styleDark.css'); document.querySelector('input[type="checkbox"]').checked = true }