dos2unix

Fuzzing/template-engines-special-vars.txt

@@ -1,78 +1,78 @@
-# The objective of this dictionary is to help to discover the template engine used
+# The objective of this dictionary is to help to discover the template engine used
-# once a evaluation of a template expression was detected via the following dictionary:
+# once a evaluation of a template expression was detected via the following dictionary:
-# https://github.com/danielmiessler/SecLists/blob/master/Fuzzing/template-engines-expression.txt
+# https://github.com/danielmiessler/SecLists/blob/master/Fuzzing/template-engines-expression.txt
-# Special variables are grouped by template engine in order to facilitate the identification.
+# Special variables are grouped by template engine in order to facilitate the identification.
-# Use the term between the expression syntax identified as evaluated like "{{ xxx }}" for example.
+# Use the term between the expression syntax identified as evaluated like "{{ xxx }}" for example.
-# 
+# 
-# Indicate to your fuzzer to ignore a line starting with: "# " (space is important)
+# Indicate to your fuzzer to ignore a line starting with: "# " (space is important)
-# You can also filter the dictionary before to use it via the command: grep -v "# " > dict.txt
+# You can also filter the dictionary before to use it via the command: grep -v "# " > dict.txt
-# 
+# 
-# Sources:
+# Sources:
-# https://portswigger.net/research/server-side-template-injection
+# https://portswigger.net/research/server-side-template-injection
-# https://github.com/epinna/tplmap
+# https://github.com/epinna/tplmap
-# Custom personal labs
+# Custom personal labs
-# 
+# 
-# GENERIC: To cause an error and perhaps get technical information
+# GENERIC: To cause an error and perhaps get technical information
-1/0
+1/0
-# FREEMARKER (JAVA)
+# FREEMARKER (JAVA)
-# https://freemarker.apache.org/docs/ref_specvar.html
+# https://freemarker.apache.org/docs/ref_specvar.html
-.version
+.version
-.current_template_name
+.current_template_name
-.locale_object
+.locale_object
-# JINJA2 (PYTHON)
+# JINJA2 (PYTHON)
-# https://jinja.palletsprojects.com/en/2.11.x/templates/#debug-statement
+# https://jinja.palletsprojects.com/en/2.11.x/templates/#debug-statement
-# https://stackoverflow.com/a/40346872/451455
+# https://stackoverflow.com/a/40346872/451455
-self._TemplateReference__context
+self._TemplateReference__context
-# DJANGO (PYTHON)
+# DJANGO (PYTHON)
-# https://docs.djangoproject.com/en/3.1/ref/settings/
+# https://docs.djangoproject.com/en/3.1/ref/settings/
-settings
+settings
-settings.DEBUG
+settings.DEBUG
-settings.DATABASES
+settings.DATABASES
-settings.SECRET_KEY
+settings.SECRET_KEY
-# PUG (NODEJS)
+# PUG (NODEJS)
-# https://pugjs.org
+# https://pugjs.org
-# In case of hit then use "Object.keys(VAR_NAME)" to explore the object properties
+# In case of hit then use "Object.keys(VAR_NAME)" to explore the object properties
-# Self object is available if the "self" options is set to true
+# Self object is available if the "self" options is set to true
-self
+self
-# Payload below are more NodeJS related
+# Payload below are more NodeJS related
-locals
+locals
-global
+global
-# ERB (RUBY)
+# ERB (RUBY)
-# https://ruby-doc.org/stdlib-2.7.1/libdoc/erb/rdoc/ERB.html
+# https://ruby-doc.org/stdlib-2.7.1/libdoc/erb/rdoc/ERB.html
-ERB.version()
+ERB.version()
-# TORNADO (PYTHON)
+# TORNADO (PYTHON)
-# https://www.tornadoweb.org/en/stable/template.html
+# https://www.tornadoweb.org/en/stable/template.html
-# Presence of variables with a name starting with "_tt_" indicate usage of Tornado
+# Presence of variables with a name starting with "_tt_" indicate usage of Tornado
-locals()
+locals()
-globals()
+globals()
-# TWIG (PHP)
+# TWIG (PHP)
-# https://twig.symfony.com/doc/3.x/
+# https://twig.symfony.com/doc/3.x/
-_self
+_self
-_self.getTemplateName().__toString
+_self.getTemplateName().__toString
-_context
+_context
-_context|length
+_context|length
-_context|keys|first
+_context|keys|first
-constant('Twig_Environment::VERSION')
+constant('Twig_Environment::VERSION')
-constant('Twig_Environment::VERSION_ID')
+constant('Twig_Environment::VERSION_ID')
-constant('Twig_Environment::EXTRA_VERSION')
+constant('Twig_Environment::EXTRA_VERSION')
-# VELOCITY (JAVA)
+# VELOCITY (JAVA)
-# http://velocity.apache.org/tools/devel/generic.html
+# http://velocity.apache.org/tools/devel/generic.html
-$context.keys
+$context.keys
-$context.TOOLS_VERSION
+$context.TOOLS_VERSION
-$field.in("org.apache.velocity.runtime.VelocityEngineVersion")
+$field.in("org.apache.velocity.runtime.VelocityEngineVersion")
-$field.in("org.apache.velocity.runtime.RuntimeConstants")
+$field.in("org.apache.velocity.runtime.RuntimeConstants")
-# THYMELEAF (JAVA)
+# THYMELEAF (JAVA)
-# https://www.thymeleaf.org/doc/tutorials/3.0/usingthymeleaf.html#variables
+# https://www.thymeleaf.org/doc/tutorials/3.0/usingthymeleaf.html#variables
-# https://www.thymeleaf.org/doc/tutorials/3.0/usingthymeleaf.html#execution-info
+# https://www.thymeleaf.org/doc/tutorials/3.0/usingthymeleaf.html#execution-info
-#execInfo
+#execInfo
-#execInfo.templateStack
+#execInfo.templateStack
-#execInfo.templateStack[0].getClass.forName("org.thymeleaf.Thymeleaf").getField("VERSION").get(null)
+#execInfo.templateStack[0].getClass.forName("org.thymeleaf.Thymeleaf").getField("VERSION").get(null)
-execInfo
+execInfo
-execInfo.templateStack
+execInfo.templateStack
-execInfo.templateStack[0].getClass.forName("org.thymeleaf.Thymeleaf").getField("VERSION").get(null)
+execInfo.templateStack[0].getClass.forName("org.thymeleaf.Thymeleaf").getField("VERSION").get(null)
-# SMARTY (PHP)
+# SMARTY (PHP)
-# https://www.smarty.net/docs/en/language.syntax.variables.tpl
+# https://www.smarty.net/docs/en/language.syntax.variables.tpl
-# https://www.smarty.net/docs/en/language.variables.smarty.tpl#language.variables.smarty.config
+# https://www.smarty.net/docs/en/language.variables.smarty.tpl#language.variables.smarty.config
-$smarty.version
+$smarty.version
-$smarty.config
+$smarty.config
-$smarty.template
+$smarty.template