FastCGI
Pentesting FastCGI - TCP Port 9000
Theory
FastCGI is a binary protocol for interfacing interactive programs with a web server. It uses the 9000 port by default. Usually FastCGI only listen in localhost and It's quiet easy to make FastCGI execute arbitrary code.
Practice
If the PHP-FPM (FastCGI Process Manager) is running on the target system, we might be able to execute arbitrary command.
#Enum processes
ps aux | cat| grep php-fpm
php-fpm: pool username
#Enum network
ss -lntp
LISTEN 0 511 127.0.0.1:9000 0.0.0.0:*
Resources
Last updated
Was this helpful?