mirror of
https://github.com/swisskyrepo/PayloadsAllTheThings.git
synced 2024-05-09 20:06:17 +02:00
Compare commits
3 Commits
23541a1a78 ... 52ee755ff2
Author | SHA1 | Date
---|---|---
n3rada | 52ee755ff2 |
Swissky | b245d3cbdd |
n3rada | d658aa026a |
@ -151,6 +151,14 @@ When `allow_url_include` and `allow_url_fopen` are set to `Off`. It is still pos

## LFI / RFI using wrappers

### Wrapper file://

It is possible to use the [`file://`]([url](https://www.php.net/manual/en/wrappers.file.php)) wrapper in order to read file inside allowed paths (if `open_basedir` restriction in effect).

```shell
http://example.com/index.php?filename=file://localhost/var/www/html/secured_extranet/panel/security.php
```

Note that using `localhost` above bypasses `file:///` filtering.


### Wrapper php://filter


The part "`php://filter`" is case insensitive
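Review bot: the Markdown link in the `file://` paragraph of this hunk is malformed: `[`file://`]([url](https://www.php.net/manual/en/wrappers.file.php))` nests a second `[url](...)` link inside the link target, so it renders as literal text instead of a link; it should be `[`file://`](https://www.php.net/manual/en/wrappers.file.php)`. The same sentence reads better as "read files inside the allowed paths (when an `open_basedir` restriction is in effect)". The note "using `localhost` above bypasses `file:///` filtering" should say what it bypasses: a filter that matches the literal string `file:///`, which the payload `file://localhost/var/www/html/secured_extranet/panel/security.php` does not contain; a filter that rejects the `file:` scheme itself is not affected. Lastly, the fence around the URL is tagged `shell` although it is a request URL and not a shell command; a neutral tag would be more accurate.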
@ -623,4 +631,4 @@ If SSH is active check which user is being used `/proc/self/status` and `/etc/pa
* [PHP FILTERS CHAIN: WHAT IS IT AND HOW TO USE IT - Rémi Matasse - 18/10/2022](https://www.synacktiv.com/publications/php-filters-chain-what-is-it-and-how-to-use-it.html)
* [PHP FILTER CHAINS: FILE READ FROM ERROR-BASED ORACLE - Rémi Matasse - 21/03/2023](https://www.synacktiv.com/en/publications/php-filter-chains-file-read-from-error-based-oracle.html)
* [One Line PHP: From Genesis to Ragnarök - Ginoah, Bookgin](https://hackmd.io/@ginoah/phpInclude#/)
* [Introducing wrapwrap: using PHP filters to wrap a file with a prefix and suffix - Charles Fol - 11 December, 2023](https://www.ambionics.io/blog/wrapwrap-php-filters-suffix)
* [Introducing wrapwrap: using PHP filters to wrap a file with a prefix and suffix - Charles Fol - 11 December, 2023](https://www.ambionics.io/blog/wrapwrap-php-filters-suffix)
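Review bot: the two `Introducing wrapwrap` entries in this hunk are rendered identically, so the -4/+4 change here cannot be seen; if it only fixes whitespace or punctuation, say so in the commit message. While touching these references, the `One Line PHP` entry is the only one without a date, unlike the Synacktiv and Ambionics entries around it.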

12 mkdocs.yml

@ -2,12 +2,17 @@ site_name: Payloads All The Things
site_description: 'Payloads All The Things, a list of useful payloads and bypasses for Web Application Security'
site_url: https://swisskyrepo.github.io/PayloadsAllTheThings

repo_url: https://github.com/swisskyrepo/PayloadsAllTheThings/
edit_uri: blob/master/

# copyright: © 2016 PATT
# logo: 'images/site_logo.png'
# favicon: 'images/favicon.png'

theme:
name: material
color_mode: auto
user_color_mode_toggle: true
icon:
repo: fontawesome/brands/github
palette:
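Review bot: `color_mode: auto` and `user_color_mode_toggle: true` under `theme:` are options of MkDocs' built-in `mkdocs` theme, not of Material (`name: material`), which configures its light/dark toggle through the `palette:` block that follows; check that these two keys have any effect with Material and drop them if not, since they otherwise read as dead configuration.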
@ -27,8 +32,13 @@ theme:

features:
- content.code.copy
- content.action.edit
- content.action.view
- content.tooltips
- navigation.tracking
- navigation.top
- search.share
- search.suggest
# - toc.integrate
# - navigation.path

@ -52,8 +62,6 @@ markdown_extensions:
emoji_index: !!python/name:material.extensions.emoji.twemoji
emoji_generator: !!python/name:material.extensions.emoji.to_svg

repo_url: https://github.com/swisskyrepo/PayloadsAllTheThings/
edit_uri: edit/master/
plugins:
- search
- git-revision-date-localized
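Review bot: the `edit_uri: edit/master/` removed here is re-added near the top of the file as `edit_uri: blob/master/`, so this is a value change and not just a move, and the commit message should say why. On GitHub `blob/` is the read-only file view, so the edit button enabled by `content.action.edit` will open the viewer instead of the editor. Material derives the link for `content.action.view` from the edit URL, so keeping `edit/master/` would serve both buttons; confirm that before dropping it.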