mirror of https://github.com/swisskyrepo/PayloadsAllTheThings.git (synced 2024-09-20 06:22:01 +00:00)
Tools Update
parent 12c6531ad2
commit 97cfeee270
2 changed files with 25 additions and 29 deletions
|
@ -46,6 +46,12 @@ Attempting to manipulate SQL queries may have goals including:
|
||||||
* [Case modification](#case-modification)
|
* [Case modification](#case-modification)
|
||||||
|
|
||||||
|
|
||||||
|
## Tools
|
||||||
|
|
||||||
|
* [sqlmapproject/sqlmap](https://github.com/sqlmapproject/sqlmap) - Automatic SQL injection and database takeover tool
|
||||||
|
* [r0oth3x49/ghauri](https://github.com/r0oth3x49/ghauri) - An advanced cross-platform tool that automates the process of detecting and exploiting SQL injection security flaws
|
||||||
|
|
||||||
|
|
||||||
## Entry point detection
|
## Entry point detection
|
||||||
|
|
||||||
Detection of an SQL injection entry point
|
Detection of an SQL injection entry point
|
||||||
|
|
|
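Review bot: the new `## Tools` heading is inserted right after the last in-page link entry (`* [Case modification](#case-modification)`), but none of the six added lines is a matching `* [Tools](#tools)` entry for that list, so the section cannot be reached from the contents. Suggest adding the entry in this commit. The two tool descriptions would also read more consistently if both stated plainly that the tools exploit as well as detect, since the sqlmap line says "database takeover" while the ghauri line says "detecting and exploiting".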
@ -82,44 +82,34 @@
|
||||||
- [PHP - Plates](#plates)
|
- [PHP - Plates](#plates)
|
||||||
- [References](#references)
|
- [References](#references)
|
||||||
|
|
||||||
|
|
||||||
## Tools
|
## Tools
|
||||||
|
|
||||||
Recommended tools:
|
* [TInjA](https://github.com/Hackmanit/TInjA) - An effiecient SSTI + CSTI scanner which utilizes novel polyglots
|
||||||
|
```bash
|
||||||
|
tinja url -u "http://example.com/?name=Kirlia" -H "Authentication: Bearer ey..."
|
||||||
|
tinja url -u "http://example.com/" -d "username=Kirlia" -c "PHPSESSID=ABC123..."
|
||||||
|
```
|
||||||
|
|
||||||
[TInjA](https://github.com/Hackmanit/TInjA) - An effiecient SSTI + CSTI scanner which utilizes novel polyglots
|
* [Tplmap](https://github.com/epinna/tplmap) - Server-Side Template Injection and Code Injection Detection and Exploitation Tool
|
||||||
|
```powershell
|
||||||
|
python2.7 ./tplmap.py -u 'http://www.target.com/page?name=John*' --os-shell
|
||||||
|
python2.7 ./tplmap.py -u "http://192.168.56.101:3000/ti?user=*&comment=supercomment&link"
|
||||||
|
python2.7 ./tplmap.py -u "http://192.168.56.101:3000/ti?user=InjectHere*&comment=A&link" --level 5 -e jade
|
||||||
|
```
|
||||||
|
|
||||||
e.g:
|
* [SSTImap](https://github.com/vladko312/SSTImap) - Automatic SSTI detection tool with interactive interface based on [Tplmap](https://github.com/epinna/tplmap)
|
||||||
|
```powershell
|
||||||
```bash
|
python3 ./sstimap.py -u 'https://example.com/page?name=John' -s
|
||||||
tinja url -u "http://example.com/?name=Kirlia" -H "Authentication: Bearer ey..."
|
python3 ./sstimap.py -u 'https://example.com/page?name=Vulnerable*&message=My_message' -l 5 -e jade
|
||||||
tinja url -u "http://example.com/" -d "username=Kirlia" -c "PHPSESSID=ABC123..."
|
python3 ./sstimap.py -i -A -m POST -l 5 -H 'Authorization: Basic bG9naW46c2VjcmV0X3Bhc3N3b3Jk'
|
||||||
```
|
```
|
||||||
|
|
||||||
[Tplmap](https://github.com/epinna/tplmap) - Server-Side Template Injection and Code Injection Detection and Exploitation Tool
|
|
||||||
|
|
||||||
e.g:
|
|
||||||
|
|
||||||
```powershell
|
|
||||||
python2.7 ./tplmap.py -u 'http://www.target.com/page?name=John*' --os-shell
|
|
||||||
python2.7 ./tplmap.py -u "http://192.168.56.101:3000/ti?user=*&comment=supercomment&link"
|
|
||||||
python2.7 ./tplmap.py -u "http://192.168.56.101:3000/ti?user=InjectHere*&comment=A&link" --level 5 -e jade
|
|
||||||
```
|
|
||||||
|
|
||||||
[SSTImap](https://github.com/vladko312/SSTImap) - Automatic SSTI detection tool with interactive interface based on [Tplmap](https://github.com/epinna/tplmap)
|
|
||||||
|
|
||||||
e.g:
|
|
||||||
|
|
||||||
```powershell
|
|
||||||
python3 ./sstimap.py -u 'https://example.com/page?name=John' -s
|
|
||||||
python3 ./sstimap.py -u 'https://example.com/page?name=Vulnerable*&message=My_message' -l 5 -e jade
|
|
||||||
python3 ./sstimap.py -i -A -m POST -l 5 -H 'Authorization: Basic bG9naW46c2VjcmV0X3Bhc3N3b3Jk'
|
|
||||||
```
|
|
||||||
|
|
||||||
## Methodology
|
## Methodology
|
||||||
|
|
||||||
![SSTI cheatsheet workflow](https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Server%20Side%20Template%20Injection/Images/serverside.png?raw=true)
|
![SSTI cheatsheet workflow](https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Server%20Side%20Template%20Injection/Images/serverside.png?raw=true)
|
||||||
|
|
||||||
---
|
|
||||||
## Detection
|
## Detection
|
||||||
|
|
||||||
In most cases, this polyglot payload will trigger an error in presence of a SSTI vulnerability :
|
In most cases, this polyglot payload will trigger an error in presence of a SSTI vulnerability :
|
||||||
|
|
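Review bot: the TInjA bullet carries the typo `effiecient` over from the removed line, and its example passes `-H "Authentication: Bearer ey..."` while the SSTImap example in the same hunk uses `Authorization`; since these lines are being rewritten anyway, fix the spelling and confirm which header name is intended. The Tplmap and SSTImap blocks keep the `powershell` fence tag although they are `python2.7`/`python3` invocations with POSIX-style quoting, while the TInjA block uses `bash`; one tag for all three would be consistent. Finally, the fences now sit under list items, so they need to be indented to the bullet's content level in the raw Markdown or they will end the list item; the indentation is not visible in this rendering, so please check it.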