mirror of
https://github.com/swisskyrepo/PayloadsAllTheThings.git
synced 2026-01-08 19:30:38 -08:00
Add root user + PHP null byte version
This commit is contained in:
Swissky
@@ -114,6 +114,7 @@ http://0000::1:3128/ Squid
|
||||
### Bypass localhost with a domain redirection
|
||||
|
||||
```powershell
|
||||
http://spoofed.burpcollaborator.net
|
||||
http://localtest.me
|
||||
http://customer1.app.localhost.my.company.127.0.0.1.nip.io
|
||||
http://mail.ebc.apple.com redirect to 127.0.0.6 == localhost
|
||||
@@ -628,4 +629,5 @@ More info: https://rancher.com/docs/rancher/v1.6/en/rancher-services/metadata-se
|
||||
- [SSRF - Server Side Request Forgery (Types and ways to exploit it) Part-1 - SaN ThosH - 10 Jan 2019](https://medium.com/@madrobot/ssrf-server-side-request-forgery-types-and-ways-to-exploit-it-part-1-29d034c27978)
|
||||
- [SSRF Protocol Smuggling in Plaintext Credential Handlers : LDAP - @0xrst](https://www.silentrobots.com/blog/2019/02/06/ssrf-protocol-smuggling-in-plaintext-credential-handlers-ldap/)
|
||||
- [X-CTF Finals 2016 - John Slick (Web 25) - YEO QUAN YANG @quanyang](https://quanyang.github.io/x-ctf-finals-2016-john-slick-web-25/)
|
||||
- [Exploiting SSRF in AWS Elastic Beanstalk - February 1, 2019 - @notsosecure](https://www.notsosecure.com/exploiting-ssrf-in-aws-elastic-beanstalk/)
|
||||
- [Exploiting SSRF in AWS Elastic Beanstalk - February 1, 2019 - @notsosecure](https://www.notsosecure.com/exploiting-ssrf-in-aws-elastic-beanstalk/)
|
||||
- [PortSwigger - Web Security Academy Server-side request forgery (SSRF)](https://portswigger.net/web-security/ssrf)
|
||||
Reference in New Issue
Block a user