CVE-2024-4577 Vulnerability Checker The CVE-2024-4577 Vulnerability Checker is a Bash script designed to scan multiple domains for the CVE-2024-4577 vulnerability in PHP-CGI. This tool allows security researchers and system administrators to quickly assess whether their systems or a list of domains are potentially vulnerable to this specific security issue. Description In PHP versions 8.1. before 8.1.29, 8.2. before 8.2.20, 8.3.* before 8.3.8, when using Apache and PHP-CGI on Windows, if the system is set up to use certain code pages, Windows may use "Best-Fit" behavior to replace characters in command line given to Win32 API functions. PHP CGI module may misinterpret those characters as PHP options, which may allow a malicious user to pass options to PHP binary being run, and thus reveal the source code of scripts, run arbitrary PHP code on the server, etc. Requirements Bash (version 4.0 or later) curl Installation Clone the repository or download the script: git clone https://github.com/JeninSutradhar/CVE-2024-4577-checker.git cd cve-2024-4577-checker Make the script executable: chmod +x cve_2024_4577_checker.sh Usage Basic Usage ./cve_2024_4577_checker.sh -f domains.txt – This will scan all domains listed in the domains.txt file. Options -f file: Specify a file containing a list of domains to check (one domain per line) -t threads: Set the number of concurrent threads (default: 10) -u user_agent: Set a custom User-Agent string -i: Run in interactive mode,…Read More