Reflecting Techniques - PoCs and Polygloths CheatSheet
The purpose of these PoCs and Polyglots is to give the tester a quick summary of the vulnerabilities that may be exploitable when their input is somehow reflected in the response.
This cheatsheet does not propose an exhaustive list of tests for each vulnerability, only some basic ones. If you are looking for more thorough tests, follow the link for each proposed vulnerability.
You will not find Content-Type dependent injections such as XXE here, since you will usually test those yourself when you find a request that sends XML data. You will also not find database injections here, because even if some content may be reflected, it depends heavily on the technology and structure of the backend database.
List of Polyglots
Basic tests
Polyglots
Polyglots are files that can be interpreted as different file types depending on the context in which they are opened. This can be useful for bypassing security measures or executing malicious code. Here are some common polyglot file types and their characteristics:
HTML/JavaScript Polyglots: These files can be interpreted as both HTML and JavaScript. They can be used to execute JavaScript code in the context of a web page, bypassing any client-side security measures.
PDF/JavaScript Polyglots: These files can be interpreted as both PDF and JavaScript. They can be used to execute JavaScript code when opened in a PDF reader, potentially exploiting vulnerabilities in the reader software.
Image/JavaScript Polyglots: These files can be interpreted as both image files and JavaScript. They can be used to execute JavaScript code when opened in an image viewer, bypassing any security measures that may be in place for image files.
ZIP/JavaScript Polyglots: These files can be interpreted as both ZIP archives and JavaScript. They can be used to execute JavaScript code when extracted, potentially exploiting vulnerabilities in the ZIP extraction software.
XML/JavaScript Polyglots: These files can be interpreted as both XML and JavaScript. They can be used to execute JavaScript code when opened in an XML parser, potentially exploiting vulnerabilities in the parser software.
CSV/JavaScript Polyglots: These files can be interpreted as both CSV (Comma-Separated Values) and JavaScript. They can be used to execute JavaScript code when opened in a spreadsheet program, bypassing any security measures that may be in place for CSV files.
Polyglots can be created by carefully crafting the file structure and taking advantage of the different parsing rules for each file type. They can be used in various hacking scenarios, such as bypassing security filters, delivering malware, or executing arbitrary code.
Basic tests
Polyglots
Basic tests
HTTP Response Splitting
CRLF Injection
HTTP Response Splitting - Location Header
HTTP Response Splitting - Set-Cookie Header
SMTP Response Splitting
CRLF Injection
SMTP Response Splitting - MAIL FROM
SMTP Response Splitting - RCPT TO
SMTP Response Splitting - DATA
SMTP Response Splitting - Subject
SMTP Response Splitting - Content-Type
LDAP Response Splitting
CRLF Injection
Dangling Markup
Basic tests
Basic tests
Basic tests
Basic tests
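The advanced ReDoS patterns listed below share one shape: a quantifier nested inside another quantifier. As an added example (not part of the original cheatsheet), this Python lint walks the regex parse tree to flag that shape, and a small timer shows how long a failing match takes; the helper names are my own.

```python
# Added example (not from the original cheatsheet): a defender-side lint that
# flags the nested-quantifier shape behind patterns such as (\w*)+$ ,
# ([a-zA-Z]+)*$ and ((a+)+)+$ by walking Python's own regex parse tree.
# It is a heuristic: overlapping alternations such as (a|a)+ also backtrack
# catastrophically and are not covered here.
import re
import time

try:
    from re import _parser as sre_parse  # Python 3.11+
except ImportError:
    import sre_parse  # older interpreters

REPEATS = (sre_parse.MAX_REPEAT, sre_parse.MIN_REPEAT)


def _walk(items, enclosing_repeats):
    """Return True if a repeat (max > 1) sits inside another such repeat."""
    for op, av in items:
        if op in REPEATS:
            _lo, hi, sub = av
            if hi > 1 and enclosing_repeats > 0:
                return True
            if _walk(sub, enclosing_repeats + (1 if hi > 1 else 0)):
                return True
        elif op == sre_parse.SUBPATTERN:  # (...) or (?:...); body is last item
            if _walk(av[-1], enclosing_repeats):
                return True
        elif op == sre_parse.BRANCH:  # a|b ; av = (None, [alternatives])
            if any(_walk(alt, enclosing_repeats) for alt in av[1]):
                return True
        elif op in (sre_parse.ASSERT, sre_parse.ASSERT_NOT):  # lookarounds
            if _walk(av[1], enclosing_repeats):
                return True
    return False


def has_nested_quantifier(pattern: str) -> bool:
    """Flag patterns whose parse tree nests one repeat inside another."""
    return _walk(sre_parse.parse(pattern), 0)


def match_seconds(pattern: str, n: int) -> float:
    """Time a failing match on n 'a's followed by '!' (constructed input)."""
    subject = "a" * n + "!"  # '!' is not \w, so a trailing $ never matches
    start = time.perf_counter()
    re.match(pattern, subject)
    return time.perf_counter() - start


if __name__ == "__main__":
    for pat in (r"(\w*)+$", r"([a-zA-Z]+)*$", r"((a+)+)+$", r"^\w+$"):
        timings = " ".join(f"n={n}:{match_seconds(pat, n):.3f}s" for n in (8, 10, 12))
        print(f"{pat:16} nested={has_nested_quantifier(pat)!s:5} {timings}")
```

Running the script prints the matching time growing with n for the three flagged patterns, while the linear `^\w+$` stays flat.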
Advanced tests
```bash
(\w*)+$
([a-zA-Z]+)*$
((a+)+)+$
```
## [Server Side Inclusion/Edge Side Inclusion](../server-side-inclusion-edge-side-inclusion-injection.md)
Basic tests
Polyglots
The same tests used for Open Redirect can be used here.
Basic tests
Polyglots
Basic tests
Polyglots
XSS
Basic tests
Basic tests with an HTML tag
Basic tests with an HTML tag and an event handler
Basic tests with an HTML tag and an event handler in uppercase
Basic tests with an HTML tag and an event handler in lowercase
Basic tests with an HTML tag and an event handler, URL-encoded
Basic tests with an HTML tag and an event handler, URL-encoded with special characters and spaces
Basic tests with an HTML tag and an event handler, HTML-encoded
Basic tests with an HTML tag and an event handler, double (or repeatedly) URL-encoded
Polyglots