Old but exist

Easy | Web Security

Overview

We thought the issue was fixed, but it’s still present in the new version. Also, we’re running a local Redis instance. Please don’t access it since it’s sensitive.

Flag Format: Flag{}

Lab Details

Prerequisites & Requirements

  • Understanding of PHP programming language and its functions
  • Knowledge of Redis database and its command structure
  • Familiarity with CVE (Common Vulnerabilities and Exposures) research
  • Basic understanding of null byte injection vulnerabilities
  • Web application security testing experience
  • Ability to read and analyze source code

What will you learn?

  • How to identify and exploit CVE-2025-1220
  • The difference between PHP string validation and C-level socket operations
  • How null byte injection can bypass hostname validation
  • Redis database enumeration and data extraction techniques
  • The importance of proper input validation in web applications
  • How to research and apply newly discovered CVEs in real-world scenarios

Tools

  • Web Browser - For accessing the web application interface
  • Burp Suite / Browser Developer Tools - For intercepting and modifying HTTP requests
  • Redis Documentation - https://redis.io/docs/latest/develop/tools/cli/ (for Redis command reference)

Job Positions

Application Security Engineer

Tags

  • SSRF
  • OWASP Top 10
  • PHP
  • Source Code Review
  • CVE