From 852c19172f5b80b791abf36aa5fdc309b413e306 Mon Sep 17 00:00:00 2001 From: Muhammad Daffa Date: Wed, 1 Feb 2023 10:22:13 +0700 Subject: [PATCH] feat: added SSI --- README.md | 18 ++++++++++++------ Server Side Include Injection.md | 31 +++++++++++++++++++++++++++++++ 2 files changed, 43 insertions(+), 6 deletions(-) create mode 100644 Server Side Include Injection.md diff --git a/README.md b/README.md index ec167fe..edb8920 100644 --- a/README.md +++ b/README.md @@ -18,25 +18,31 @@ These are my bug bounty notes that I have gathered from various sources, you can - [Insecure Direct Object References (IDOR)](https://github.com/daffainfo/AllAboutBugBounty/blob/master/Insecure%20Direct%20Object%20References.md) - [Local File Inclusion (LFI)](https://github.com/daffainfo/AllAboutBugBounty/blob/master/Local%20File%20Inclusion.md) - [Mass Assignment](https://github.com/daffainfo/AllAboutBugBounty/blob/master/Mass%20Assignment.md) -- [NoSQL Injection](https://github.com/daffainfo/AllAboutBugBounty/blob/master/NoSQL%20Injection.md) +- [NoSQL Injection (NoSQLi)](https://github.com/daffainfo/AllAboutBugBounty/blob/master/NoSQL%20Injection.md) - [OAuth Misconfiguration](https://github.com/daffainfo/AllAboutBugBounty/blob/master/OAuth%20Misconfiguration.md) - [Open Redirect](https://github.com/daffainfo/AllAboutBugBounty/blob/master/Open%20Redirect.md) - [Remote File Inclusion (RFI)](https://github.com/daffainfo/AllAboutBugBounty/blob/master/Remote%20File%20Inclusion.md) +- [Server Side Include Injection (SSI Injection)](https://github.com/daffainfo/AllAboutBugBounty/blob/master/Server%20Side%20Include%20Injection.md) - [Server Side Request Forgery](https://github.com/daffainfo/AllAboutBugBounty/blob/master/Server%20Side%20Request%20Forgery.md) -- SQL Injection (SOON) +- [SQL Injection (SQLi)](https://github.com/daffainfo/AllAboutBugBounty/blob/master/SQL%20Injection.md) - [Web Cache Deception](https://github.com/daffainfo/AllAboutBugBounty/blob/master/Web%20Cache%20Deception.md) - [Web Cache Poisoning](https://github.com/daffainfo/AllAboutBugBounty/blob/master/Web%20Cache%20Poisoning.md) -## Checklist -- [Forgot Password Functionality](https://github.com/daffainfo/AllAboutBugBounty/blob/master/Checklist/Forgot%20Password.md) -- Register Functionality SOON! - ## List Bypass - [Bypass 2FA](https://github.com/daffainfo/AllAboutBugBounty/blob/master/Bypass/Bypass%202FA.md) - [Bypass 403](https://github.com/daffainfo/AllAboutBugBounty/blob/master/Bypass/Bypass%20403.md) - [Bypass 429](https://github.com/daffainfo/AllAboutBugBounty/blob/master/Bypass/Bypass%20429.md) - [Bypass Captcha](https://github.com/daffainfo/AllAboutBugBounty/blob/master/Bypass/Bypass%20Captcha.md) +## Checklist +- [Forgot Password Functionality](https://github.com/daffainfo/AllAboutBugBounty/blob/master/Checklist/Forgot%20Password.md) +- Register Functionality SOON! + +## CVEs +- CVEs 2021 (https://github.com/daffainfo/AllAboutBugBounty/blob/master/CVEs/2021) +- CVEs 2022 (SOON) +- CVEs 2023 (SOON) + ## Miscellaneous - [Account Takeover](https://github.com/daffainfo/AllAboutBugBounty/blob/master/Misc/Account%20Takeover.md) - [Broken Link Hijacking](https://github.com/daffainfo/AllAboutBugBounty/blob/master/Misc/Broken%20Link%20Hijacking.md) diff --git a/Server Side Include Injection.md b/Server Side Include Injection.md new file mode 100644 index 0000000..1979941 --- /dev/null +++ b/Server Side Include Injection.md @@ -0,0 +1,31 @@ +# Server Side Include Injection (SSI Injection) + +## Introduction +SSI (Server Side Includes) Injection is a type of web security vulnerability that occurs when a web application allows untrusted user-supplied data to be used as part of a Server Side Include (SSI) directive + +## Where to find +Usually it can be found anywhere. Just try to input the payload in the form or GET parameter + +## How to exploit +1. Print a date +``` + +``` + +2. Print all the variabels +``` + +``` + +3. Include a file +``` + +``` + +4. Doing a reverse shell +``` + +``` + +## References +* [OWASP](https://owasp.org/www-community/attacks/Server-Side_Includes_(SSI)_Injection) \ No newline at end of file