All Questions
69 questions
3votes
1answer
953views
How dangerous is disabling PHPHighRiskMethodsVariables_BODY from the AWS ACLs?
Problem Users in my application are being blocked (by the AWS WAF) from uploading files with certain names. In the specific case I am trying to solve, the problematic string is .* System (.*).*. ...
0votes
1answer
141views
Why can I not sql inject this piece of code? [duplicate]
This is the code: $stmt = $db->prepare("SELECT DISTINCT * FROM kurssit WHERE BINARY id=? AND BINARY avain=?"); $stmt->bind_param("is", $kurssi, $avain); // prepare and bind $...
2votes
1answer
213views
Why would you use the command `test` in a php shell injection?
I saw someone doing this in a php shell injection: test | cat /var/backup/secret.txt Why are they using test |? How is that not useless here?
0votes
2answers
659views
Running PHP commands on my website from a form input
I today found some files created and deleted and edited on my website. I don't know how it is done. But I know it can be done by some PHP Functions like : mkdir('Folder'); file_put_contents();scandir()...
1vote
1answer
654views
How to track which php file executed a malware binary
I have a server that seems to be compromised checking the processes running I see an executable that seems to be a mining malware and the hacker uses it to mine litecoin at the address ...
0votes
1answer
214views
Would it be useful from a security perspective to harden an interpreter like Python or NodeJS by removing support for unused features?
When hardening a system you want to remove any features that you do not need. I have been thinking about this concept from the perspective of interpreters like Python, NodeJS, PHP etc. and am ...
0votes
0answers
287views
Injection inside double quoted section of script element
For a test to find vulnerabilities I found the following code in a page and I am looking for ways to manipulate it: <script> func({ "key1": "value", "...
0votes
1answer
250views
How to trace script injection/infection in php app
This is about a PHP7.4 based shopping platform (opencart (v3.0)). For testing purposes I had a dummy set up at site.com/xyz. The admin page of that was site.com/xyz/admin. The login and pw for the ...
- 423
-1votes
1answer
359views
Can't bypass filter [closed]
Trying some malicious injection against bWAPP and came across bypass captcha Filter validating captcha is if($_POST["captcha_user"] == $_SESSION["captcha"]) Tried input 1' || '2 ...
- 11
0votes
2answers
2kviews
SQL Injection update query
I have a sqli and i can dump data from the DB with the query below func=REC&lastid=7491&start=3&uid=56+union+all+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,concat(uid,':',email,':...
4votes
2answers
29kviews
URL parameter manipulation and injection
I have a scenario with 2 sites. Site 1 is mysite.com and Site 2 is secondurl.com. Site 1 is using Wordpress. There, I did a Javascrit/jQuery routine that checks if a given url parameter comes in. If ...
- 153
1vote
1answer
317views
Trying to figure out if I was hit by an obscure exploit attempt of some kind
I just had a random occurrence when I went to one of my hosted websites, and saw the page was broken. We host several domains at this IP, but one domain is actually in the server's webroot directory, ...
- 341
-1votes
1answer
3kviews
SQLI Login Bypass Cheat-sheets Question [duplicate]
Assuming you are authorized to pentest a live website that's login page is vulnerable to SQL Injection. Lets say your backpack has only 2 crafted queries by you which is admin' -- and '=' 'OR'. Your ...
- 57
0votes
1answer
1kviews
Exploit include_once in PHP Code
For a project we were asked to find and exploit the "Remote Code Injection" vulnerability of a web application. After hours of search (we have the source code of the web application as it is running ...
- 23
1vote
1answer
336views
Presistent XSS Filter Bypass Question
I was testing out a stored XSS on a test site I made which is vulnerable so the problem is when I tried executing the usual "><script>alert('XSS')</script> It did not work instead. But ...
- 57
