mirror of
https://github.com/swisskyrepo/PayloadsAllTheThings.git
synced 2024-05-09 15:56:15 +02:00
Compare commits
3 Commits
c42a6d126f
...
1036261ff6
Author | SHA1 | Date | |
---|---|---|---|
J-GainSec | 1036261ff6 | ||
Swissky | b245d3cbdd | ||
J-GainSec | 4f4d7b3bf5 |
|
@ -80,7 +80,7 @@
|
|||
* `file.php%20`
|
||||
* `file.php%0d%0a.jpg`
|
||||
* `file.php%0a`
|
||||
* Right to Left Override (RTLO): `name.%E2%80%AEphp.jpg` will became `name.gpj.php`.
|
||||
* Right to Left Override (RTLO): `name.%E2%80%AEphp.jpg` will became `name.gpj.php`. - [Automated Script for RTLO](https://github.com/GainSec/RTLOify)
|
||||
* Slash: `file.php/`, `file.php.\`, `file.j\sp`, `file.j/sp`
|
||||
* Multiple special characters: `file.jsp/././././.`
|
||||
- Mime type, change `Content-Type : application/x-php` or `Content-Type : application/octet-stream` to `Content-Type : image/gif`
|
||||
|
@ -219,4 +219,4 @@ Upload the XML file to `$JETTY_BASE/webapps/`
|
|||
* [Jetty Features for Hacking Web Apps - September 15, 2022 - Mikhail Klyuchnikov](https://swarm.ptsecurity.com/jetty-features-for-hacking-web-apps/)
|
||||
* [Inyección de código en imágenes subidas y tratadas con PHP-GD - Spanish Resource - hackplayers](https://www.hackplayers.com/2020/03/inyeccion-de-codigo-en-imagenes-php-gd.html)
|
||||
* [A New Vector For “Dirty” Arbitrary File Write to RCE - Doyensec - Maxence Schmitt and Lorenzo Stella](https://blog.doyensec.com/2023/02/28/new-vector-for-dirty-arbitrary-file-write-2-rce.html)
|
||||
* [PHP Internals Book - THE .PHPT FILE STRUCTURE](https://www.phpinternalsbook.com/tests/phpt_file_structure.html)
|
||||
* [PHP Internals Book - THE .PHPT FILE STRUCTURE](https://www.phpinternalsbook.com/tests/phpt_file_structure.html)
|
||||
|
|
12
mkdocs.yml
12
mkdocs.yml
|
@ -2,12 +2,17 @@ site_name: Payloads All The Things
|
|||
site_description: 'Payloads All The Things, a list of useful payloads and bypasses for Web Application Security'
|
||||
site_url: https://swisskyrepo.github.io/PayloadsAllTheThings
|
||||
|
||||
repo_url: https://github.com/swisskyrepo/PayloadsAllTheThings/
|
||||
edit_uri: blob/master/
|
||||
|
||||
# copyright: © 2016 PATT
|
||||
# logo: 'images/site_logo.png'
|
||||
# favicon: 'images/favicon.png'
|
||||
|
||||
theme:
|
||||
name: material
|
||||
color_mode: auto
|
||||
user_color_mode_toggle: true
|
||||
icon:
|
||||
repo: fontawesome/brands/github
|
||||
palette:
|
||||
|
@ -27,8 +32,13 @@ theme:
|
|||
|
||||
features:
|
||||
- content.code.copy
|
||||
- content.action.edit
|
||||
- content.action.view
|
||||
- content.tooltips
|
||||
- navigation.tracking
|
||||
- navigation.top
|
||||
- search.share
|
||||
- search.suggest
|
||||
# - toc.integrate
|
||||
# - navigation.path
|
||||
|
||||
|
@ -52,8 +62,6 @@ markdown_extensions:
|
|||
emoji_index: !!python/name:material.extensions.emoji.twemoji
|
||||
emoji_generator: !!python/name:material.extensions.emoji.to_svg
|
||||
|
||||
repo_url: https://github.com/swisskyrepo/PayloadsAllTheThings/
|
||||
edit_uri: edit/master/
|
||||
plugins:
|
||||
- search
|
||||
- git-revision-date-localized
|
||||
|
|
Loading…
Reference in New Issue