Pierre MARTIN
Passionate about offensive web security, and more specifically anything related to backend languages.
Session
10-23
15:15
30min
Livewire: remote command execution through unmarshalling
Rémi Matasse (@_remsio_), Pierre Martin (@_Worty), Pierre MARTIN
Livewire is a full-stack framework for Laravel that streamlines the creation of
dynamic and interactive web interfaces by allowing developers to build
real-time features using PHP and Blade templates. In this talk, we will show
how to exploit the unmarshalling mechanism used by Livewire to instantiate
arbitrary objects in order to achieve remote command execution on
any Livewire instance as long as you are in possession of the APP_KEY of the
application. Additionally, we will present a new feature added to our publicly
available tool laravel-crypto-killer, which fully automates the generation of
the payload described during the presentation.
topic: hack.lu
Europe