References updated for IDOR, Randomness and SCM

This commit is contained in:
Swissky
2024-11-07 12:17:38 +01:00
parent 7e390265a0
commit ccffaa5019
8 changed files with 384 additions and 308 deletions

@@ -1,5 +1,12 @@
# Insecure Management Interface
## Summary
* [Springboot-Actuator](#springboot-actuator)
* [Remote Code Execution via /env](#remote-code-execution-via-env)
* [References](#references)
## Springboot-Actuator
Actuator endpoints let you monitor and interact with your application.
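Review bot: The Summary entry `[Remote Code Execution via /env](#remote-code-execution-via-env)` targets a heading that is not visible in this hunk, so confirm the file contains a heading whose generated anchor is exactly `remote-code-execution-via-env`; the `/` in the title is easy to get wrong and a mismatch leaves a dead link in the table of contents. The commit message mentions only IDOR, Randomness and SCM, so it would also help to note that this file (Insecure Management Interface) gains a Summary section.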
@@ -88,7 +95,8 @@ Content-Type: application/x-www-form-urlencoded
Content-Length: 0
```
## References
* [Springboot - Official Documentation](https://docs.spring.io/spring-boot/docs/current/reference/html/production-ready-endpoints.html)
* [Exploiting Spring Boot Actuators - Veracode](https://www.veracode.com/blog/research/exploiting-spring-boot-actuators)
- [Exploiting Spring Boot Actuators - Michael Stepankin - Feb 25, 2019](https://www.veracode.com/blog/research/exploiting-spring-boot-actuators)
- [Springboot - Official Documentation - May 9, 2024](https://docs.spring.io/spring-boot/docs/current/reference/html/production-ready-endpoints.html)
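Review bot: The `Springboot - Official Documentation - May 9, 2024` entry in References still links to a `/docs/current/` URL, which follows whatever the latest release is, so the date in the label will stop matching the linked content; either link the versioned documentation page that was actually consulted or drop the date from this entry. The new entries also use `-` bullets while the Summary list at the top of the same file uses `*`, so pick one list marker for the file.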