Commit graph

36 commits

Author SHA1 Message Date
Str3am
95a85b455d
Add two methods about LFI to RCE via PHP PEARCMD, and delete extra double quotes in method 2 payload 2023-11-01 00:35:59 +08:00
Str3am
072cac04d6
Add two methods about LFI to RCE via PHP PEARCMD 2023-11-01 00:26:27 +08:00
Swissky
892c68e6e7 PEAR_Config example 2023-10-02 17:12:36 +02:00
Swissky
837f220264 LFI with pearcmd.php 2023-10-02 12:52:10 +02:00
Swissky
d142587f28 Race Condition WIP + AD asreproast/kerberoasting 2023-10-01 12:42:20 +02:00
mpgn
3c7c863233
Fix path with sessionS with an S for php 2023-04-11 17:08:57 +02:00
Swissky
0a70636d28 ETW Providers 2023-04-03 10:48:53 +02:00
Swissky
fddd094ee1 LFI iconv and dechunk + ETW + NTDS Dump Rework 2023-03-27 22:38:25 +02:00
Swissky
fe41254fde XXS Public Example + PHP Filter RCE 2022-10-24 12:05:39 +02:00
Fabian S. Varon Valencia
a07468af9b use web archive to retrieve a readable version of this website - currently unavailable 2022-10-08 23:31:43 -05:00
Swissky
fbd7517e04 LFI2RCE - Picture Compression - SOCKS5 CS 2022-08-21 16:38:54 +02:00
its0x08
fc1f3b25a7 fix: Fix spelling 2022-08-09 11:02:21 +02:00
Swissky
28425b37a3 LFI to RCE via upload (FindFirstFile) 2022-06-19 22:48:46 +02:00
Swissky
c9ef8f7f49 Graftcp Cheatsheet 2021-12-29 18:16:26 +01:00
Alexandre ZANNI
61eed94f18
add RCE via Apache logs in log poisoning 2021-05-10 11:48:14 +02:00
lanjelot
c6d0ba29e7 Add reference to panoptic and rip-hg tools 2020-12-12 04:52:21 +11:00
Gorgamite
1f96d34ddf
Specifying alternative access method through SSH
Specifying alternative access method through SSH since SSH is assumed to be running on the Linux machine. Read id_rsa for that user to obtain the SSH private key.
2020-10-25 02:51:07 -07:00
Siddharth Reddy
dbc3cb38ea
Update README.md
Page not found [Local file inclusion mini list - Penetrate.io](https://penetrate.io/2014/09/25/local-file-inclusion-mini-list/).
2020-10-09 17:59:30 +05:30
Milan Veljkovic
d317b46af9
Update README.md
I met with /var/log/apache2/ more often than /var/log/apache/ and i believe if someone is following this list, the apache2 items will make a difference. Cheers !
2020-07-06 23:43:47 +02:00
0xdf
9d06e1297f added additional way to chain php filters 2020-02-20 06:40:30 -05:00
0xdf
7d650e9622 fixed error in chaining php filters in File Inclusion page, added an additional example 2020-02-20 06:30:28 -05:00
Borja
7be86354b2
Update File Inclusion
Added another path
2020-02-18 11:35:22 +00:00
Swissky
3abaa3e23d Linux AD - Keyring, Keytab, CCACHE 2019-11-25 23:12:06 +01:00
Alex Zeecka
83caef8ee1
Add filter iconv utf16 LFI bypass tricks 2019-10-17 17:40:59 +02:00
Swissky
8dffb59ac5 Pspy + Silver Ticket + MSSQL connect 2019-08-18 22:24:48 +02:00
Swissky
46780de750 PostgreSQL rewrite + LFI SSH 2019-06-29 19:23:34 +02:00
Swissky
3b85f1b6fc UTF-8 encoding for File Inclusion 2019-06-29 11:20:17 +02:00
Swissky
9be62677b6 Add root user + PHP null byte version 2019-06-24 00:21:39 +02:00
Swissky
9745e67465 HQL Injection + references update 2019-06-16 23:45:52 +02:00
Swissky
a85fa5af28 Local File Include : rce via mail + kadimus 2019-06-10 00:05:47 +02:00
Swissky
e8cd11f88f plink + sshuttle : Network Pivoting Techniques 2019-06-09 18:13:15 +02:00
Jonas Wendorf
f5702467d6 Add nginx log files for LFI log poisoning 2019-05-30 12:01:24 +02:00
Swissky
b81df17589 RFI - Windows SMB allow_url_include = "Off" 2019-05-12 22:23:55 +02:00
Swissky
bab04f8587 Masscan + AD password in description + ZSH revshell bugfix + Mimikatz lsass.dmp 2019-05-12 21:34:09 +02:00
Swissky
4d3ee90eec Command injection rewritten 2019-04-21 19:50:50 +02:00
Swissky
404afd1d71 Fix name's capitalization 2019-03-07 00:07:55 +01:00
Renamed from FIX_File Inclusion/README.md (Browse further)