Cryptographic hash, random and info leak

pull/13/head
Swissky 2020-06-15 20:11:43 +02:00
parent 31962bee50
commit 95fbef209c
2 changed files with 29 additions and 0 deletions


@ -17,6 +17,7 @@ payloads = [
["pcntl_exec", "Remote Command Execution", ["escapeshellarg", "escapeshellcmd"]], ["pcntl_exec", "Remote Command Execution", ["escapeshellarg", "escapeshellcmd"]],
["assert", "Remote Command Execution", ["escapeshellarg", "escapeshellcmd"]], ["assert", "Remote Command Execution", ["escapeshellarg", "escapeshellcmd"]],
["proc_open", "Remote Command Execution", ["escapeshellarg", "escapeshellcmd"]], ["proc_open", "Remote Command Execution", ["escapeshellarg", "escapeshellcmd"]],
["expect_popen", "Remote Command Execution", ["escapeshellarg", "escapeshellcmd"]],
["create_function", "Remote Command Execution", ["escapeshellarg", "escapeshellcmd"]], ["create_function", "Remote Command Execution", ["escapeshellarg", "escapeshellcmd"]],
["call_user_func", "Remote Code Execution", []], ["call_user_func", "Remote Code Execution", []],
["call_user_func_array", "Remote Code Execution", []], ["call_user_func_array", "Remote Code Execution", []],
@ -96,6 +97,13 @@ payloads = [
["echo", "Cross Site Scripting", ["htmlentities", "htmlspecialchars"]], ["echo", "Cross Site Scripting", ["htmlentities", "htmlspecialchars"]],
["print", "Cross Site Scripting", ["htmlentities", "htmlspecialchars"]], ["print", "Cross Site Scripting", ["htmlentities", "htmlspecialchars"]],
["printf", "Cross Site Scripting", ["htmlentities", "htmlspecialchars"]], ["printf", "Cross Site Scripting", ["htmlentities", "htmlspecialchars"]],
["vprintf", "Cross Site Scripting", ["htmlentities", "htmlspecialchars"]],
["trigger_error", "Cross Site Scripting", ["htmlentities", "htmlspecialchars"]],
["user_error", "Cross Site Scripting", ["htmlentities", "htmlspecialchars"]],
["odbc_result_all", "Cross Site Scripting", ["htmlentities", "htmlspecialchars"]],
["ifx_htmltbl_result", "Cross Site Scripting", ["htmlentities", "htmlspecialchars"]],
["die", "Cross Site Scripting", ["htmlentities", "htmlspecialchars"]],
["exit", "Cross Site Scripting", ["htmlentities", "htmlspecialchars"]],
# XPATH and LDAP # XPATH and LDAP
["xpath", "XPATH Injection", []], ["xpath", "XPATH Injection", []],
@ -120,4 +128,18 @@ payloads = [
["->render", "Server Side Template Injection", []], ["->render", "Server Side Template Injection", []],
["->assign", "Server Side Template Injection", []], ["->assign", "Server Side Template Injection", []],
# Weak Cryptographic Hash
["md5", "Weak Cryptographic Hash", []],
# Insecure Weak Random
["mt_rand", "Insecure Weak Random", []],
["srand", "Insecure Weak Random", []],
["uniqid", "Insecure Weak Random", []],
# Information Leak
["phpinfo", "Information Leak", []],
["show_source", "Information Leak", []],
["highlight_file", "Information Leak", []],
] ]
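Review bot: The new weak-hash group in the last hunk lists only `md5`, and the weak-random group lists `mt_rand`, `srand` and `uniqid` but not `rand`. Unless they appear outside the visible hunks, `sha1(...)` used for passwords or tokens and a plain `rand()` call go unreported while their siblings are flagged. I would add `["sha1", "Weak Cryptographic Hash", []],` and `["rand", "Insecure Weak Random", []],` next to the existing rows, and consider `mt_srand` and `lcg_value` as well. The matching code is not shown, so confirm that rows with an empty sanitizer list are reported even when the call has no request-derived argument; otherwise `mt_rand()`, `uniqid()` and `phpinfo()` would never fire. The `payloads` list begins outside this hunk.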

7
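--- a/test/hash.php
+++ b/test/hash.php
@@ -0,0 +1,7 @@
+<html>
+<?php
+if (isset($_POST['mail'])){
+$mail = md5($_POST['mail']);
+}
+?>
+</html>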
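Review bot: This fixture exercises only the `md5` rule, while the same commit also adds `mt_rand`, `srand`, `uniqid`, `phpinfo`, `show_source` and `highlight_file` with no sample that would show they are detected. The file also has no comment saying what the scanner is expected to report. A first line inside the PHP block such as `// Scanner fixture (intentionally weak): md5() on $_POST['mail'] must be reported as "Weak Cryptographic Hash"` would record the expected finding and mark the file as not for reuse. Companion fixtures for the weak-random and information-leak rows, each with the same kind of header comment, would let a regression in those rules show up.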