Add Werkzeug arbitrary code execution.

2024-11-22 02:53:06 +00:00 · 2017-07-13 18:24:36 +01:00 · 2017-07-13 18:24:36 +01:00 · bb13526eab
commit bb13526eab
parent e369876ec7
1 changed files with 12 additions and 0 deletions
--- a/README.md
+++ b/README.md
@ -89,6 +89,18 @@ http://[::]
 %0d%0aContent-Length:35%0d%0aX-XSS-Protection:0%0d%0a%0d%0a23%0d%0a<svg%20onload=alert(document.domain)>%0d%0a0%0d%0a/%2e%2e
 ```

+# RCE
+
+**Werkzeug Debugger**
+
+Find somewhere where user input can be supplied and submit the following string to cause an error:
+
+```
+strіng
+```
+
+If the target is running their application in debug mode you might be able to run commands. If you are running the target locally, you can probably brute-force the debugger PIN. The debugger PIN is always in the following format: `***-***-***`.
+
 ## Crypto

 **MD5 Collision Strings**