Last active
December 22, 2020 16:28
-
-
Save dg/be0f26b31be15a2f1b1208a1714bf415 to your computer and use it in GitHub Desktop.
CVE-2020-15227 nette/application RCE in-place patch
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| # In-place apply the CVE-2020-15227 nette/application patch | |
| # This is a universal patcher for all affected versions. | |
| # Run with `php patch-CVE-2020-15227.php` | |
| # Inspiration: @spazef0rze | |
| $dir = __DIR__; | |
| $iterator = new RecursiveDirectoryIterator($dir); | |
| $iterator = new RecursiveIteratorIterator($iterator); | |
| // find all MicroPresenter.php files | |
| foreach ($iterator as $file) { | |
| if ($file->getFileName() !== 'MicroPresenter.php') { | |
| continue; | |
| } | |
| $orig = file_get_contents((string) $file); | |
| // apply patch to code | |
| $patched = str_replace( | |
| 'if (!isset($params[\'callback\'])) {', | |
| 'if (!isset($params[\'callback\']) || !$params[\'callback\'] instanceof \Closure) { // patched to fix CVE-2020-15227', | |
| $orig | |
| ); | |
| if ($orig === $patched) { | |
| continue; | |
| } | |
| // create a backup file with a suffix | |
| file_put_contents("$file-nette-autoupdate-backup", $orig); | |
| // replace original file | |
| file_put_contents((string) $file, $patched); | |
| echo "patched: $file\n"; | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment