mirror of
https://github.com/swisskyrepo/PayloadsAllTheThings.git
synced 2024-11-10 07:04:22 +00:00
plocate and Azure AD updates
This commit is contained in:
parent
bb71d4ad14
commit
57703ed7ed
2 changed files with 16 additions and 1229 deletions
|
@ -160,6 +160,7 @@ url:http://127.0.0.1:8080
|
|||
/run/secrets/kubernetes.io/serviceaccount/certificate
|
||||
/var/run/secrets/kubernetes.io/serviceaccount
|
||||
/var/lib/mlocate/mlocate.db
|
||||
/var/lib/plocate/plocate.db
|
||||
/var/lib/mlocate.db
|
||||
```
|
||||
|
||||
|
@ -214,6 +215,8 @@ The following log files are controllable and can be included with an evil payloa
|
|||
/var/log/sshd.log
|
||||
/var/log/mail
|
||||
```
|
||||
|
||||
|
||||
## Labs
|
||||
|
||||
* [File path traversal, simple case](https://portswigger.net/web-security/file-path-traversal/lab-simple)
|
||||
|
@ -223,6 +226,7 @@ The following log files are controllable and can be included with an evil payloa
|
|||
* [File path traversal, validation of start of path](https://portswigger.net/web-security/file-path-traversal/lab-validate-start-of-path)
|
||||
* [File path traversal, validation of file extension with null byte bypass](https://portswigger.net/web-security/file-path-traversal/lab-validate-file-extension-null-byte-bypass)
|
||||
|
||||
|
||||
## References
|
||||
|
||||
* [Path Traversal Cheat Sheet: Windows](https://gracefulsecurity.com/path-traversal-cheat-sheet-windows/)
|
||||
|
@ -230,4 +234,5 @@ The following log files are controllable and can be included with an evil payloa
|
|||
* [CWE-40: Path Traversal: '\\UNC\share\name\' (Windows UNC Share) - CWE Mitre - December 27, 2018](https://cwe.mitre.org/data/definitions/40.html)
|
||||
* [NGINX may be protecting your applications from traversal attacks without you even knowing](https://medium.com/appsflyer/nginx-may-be-protecting-your-applications-from-traversal-attacks-without-you-even-knowing-b08f882fd43d?source=friends_link&sk=e9ddbadd61576f941be97e111e953381)
|
||||
* [Directory traversal - Portswigger](https://portswigger.net/web-security/file-path-traversal)
|
||||
* [Cookieless ASPNET - Soroush Dalili](https://twitter.com/irsdl/status/1640390106312835072)
|
||||
* [Cookieless ASPNET - Soroush Dalili](https://twitter.com/irsdl/status/1640390106312835072)
|
||||
* [EP 057 | Proc filesystem tricks & locatedb abuse with @_remsio_ & @_bluesheet - TheLaluka - 30 nov. 2023](https://youtu.be/YlZGJ28By8U)
|
File diff suppressed because it is too large
Load diff
Loading…
Reference in a new issue