DoS via NULL pointer dereference in PHP PDO PostgreSQL (emulated prepares)
CVE-2025-14180 affects PHP when using the PDO PostgreSQL driver with PDO::ATTR_EMULATE_PREPARES enabled. In PHP 8.1.* before 8.1.34, 8.2.* before 8.2.30, 8.3.* before 8.3.29, 8.4.* before 8.4.16, and 8.5.* before 8.5.1, supplying an invalid character sequence (e.g., \x99) in a prepared statement parameter can cause libpq’s PQescapeStringConn() quoting routine to return NULL. PHP’s pdo_parse_params() then dereferences this NULL pointer, resulting in a segmentation fault (NULL pointer dereference) and process crash.
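The version ranges above can be turned into an exposure check for an asset inventory. The following is an added example, not code from the advisory or from PHP: the classify and audit helpers, the status names and the sample inventory are constructed for illustration, and the verify-backport status assumes distribution packages may carry the fix under an older upstream version number.

```python
import re

# First fixed patch release per branch, from the advisory text above.
FIXED = {(8, 1): 34, (8, 2): 30, (8, 3): 29, (8, 4): 16, (8, 5): 1}
_VERSION = re.compile(r"(?<![\d.])(\d+)\.(\d+)\.(\d+)")


def classify(version_text, pdo_pgsql_loaded=True):
    """Classify one PHP build against the CVE-2025-14180 version ranges.

    'affected' means the version is in range and the driver is present; the
    crash additionally requires PDO::ATTR_EMULATE_PREPARES to be enabled,
    which is set in application code and cannot be read from a version.
    """
    if not pdo_pgsql_loaded:
        return "not-applicable"          # vulnerable code path not loaded
    m = _VERSION.search(version_text)
    if m is None:
        return "unknown"                 # e.g. header exposes only "PHP/8.3"
    major, minor, patch = (int(p) for p in m.groups())
    fixed_patch = FIXED.get((major, minor))
    if fixed_patch is None:
        return "unknown"                 # branch not listed in the advisory
    if patch >= fixed_patch:
        return "fixed"
    # Distro packages (8.3.6-0ubuntu0...) may backport fixes without
    # changing the upstream number, so they need a changelog check.
    if version_text[m.end():m.end() + 1] in ("-", "+", "~"):
        return "verify-backport"
    return "affected"


def audit(inventory):
    """Map host -> status for (host, version, pdo_pgsql_loaded) rows."""
    return {host: classify(ver, loaded) for host, ver, loaded in inventory}


# Constructed sample inventory (hypothetical hosts and builds).
SAMPLE = [
    ("web-01", "PHP/8.2.29", True),
    ("web-02", "8.4.16", True),
    ("web-03", "8.3.6-0ubuntu0.24.04.5", True),
    ("web-04", "8.1.33", False),
    ("web-05", "7.4.33", True),
]

if __name__ == "__main__":
    for host, status in audit(SAMPLE).items():
        print(f"{host}: {status}")
```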
Exploits
1 valid exploit after Mallory filtered fakes, detection scripts, and README-only repos.
This repository is a standalone Bash-based exploit toolkit centered on PHP8.1.x_Exploit.sh, which orchestrates detection and exploitation of four PHP CVEs using modular helper scripts under modules/. The main script normalizes target URLs, fingerprints OS and PHP version via HTTP headers and a phpinfo.php probe, crawls homepage links/forms, enumerates likely CGI and upload endpoints, and then invokes per-CVE modules. The repository structure is simple: one main driver script, four CVE-specific Bash modules, one shared utils module, and a README.
Primary exploit capability is CVE-2024-4577 against Windows PHP-CGI. The module tests two query-string injection variants, including a soft-hyphen bypass, by setting allow_url_include and auto_prepend_file=php://input and POSTing PHP code. On success it either demonstrates command execution with whoami or launches a PowerShell reverse shell to an operator-supplied IP/port. This is a real exploitation path providing RCE.
A second remote capability targets CVE-2025-14177 by generating malformed JPEG files and POSTing them to discovered upload endpoints using multipart form field file. Detection looks for a marker string or long printable output in responses; exploitation repeats the upload 10 times and stores raw responses and extracted strings under a reports subdirectory, aiming to capture leaked heap data.
The remaining two modules, CVE-2025-14180 and CVE-2025-14178, are effectively local/RCE-follow-on checks and crash payloads rather than pure remote exploits. Both use php -r locally when PHP CLI is present; the exploit functions POST PHP snippets to a target URL if remote code execution is already available. CVE-2025-14180 attempts to trigger a PDO PostgreSQL null dereference using DSN pgsql:host=localhost;dbname=postgres with emulated prepares enabled. CVE-2025-14178 attempts an array_merge integer overflow by allocating extremely large arrays. Both are described as potentially crashing or destabilizing the PHP process.
Overall, this is an operational multi-CVE web exploitation script, not just a detector. It supports single-target and batch modes, optional GNU parallel execution, report logging, and automatic exploitation unless scan-only is specified. Fingerprintable targets include common CGI paths, common upload paths, phpinfo.php probing, php://input injection, localhost PostgreSQL access, and attacker-defined reverse-shell callback endpoints.
Recent activity
12 sources tracked across advisories, community write-ups, and news. New activity surfaces here as Mallory finds it.