Posts: 213 Threads: 0 Joined: N/A New box, gl hf PORT STATE SERVICE
22/tcp open ssh
8080/tcp open http-proxy
Posts: 166 Threads: 0 Joined: N/A trying sql injection in param name :(
Panda name:
Greg
Panda bio:
Greg is a hacker. Watch out for his injection attacks! Posts: 22 Threads: 0 Joined: N/A  search is vulnerable to SSTI
@(50*50)
ASP.NET Razor - Basic injection
@{
// C# code
}Posts: 57 Threads: 0 Joined: N/A (July 9, 2022, 07:18 PM)mimikatz Wrote: search is vulnerable to SSTI
@(50*50)
ASP.NET Razor - Basic injection
@{
// C# code
} Do you know of a c# one liner rev shell ? Posts: 22 Threads: 0 Joined: N/A (July 9, 2022, 07:25 PM)Erik Wrote: (July 9, 2022, 07:18 PM)mimikatz Wrote: search is vulnerable to SSTI
@(50*50)
ASP.NET Razor - Basic injection
@{
// C# code
}
Do you know of a c# one liner rev shell ? I am working on it in burpsuite
https://www.schtech.co.uk/razor-pages-ssti-rce/ Good write up on exploit razor Posts: 57 Threads: 0 Joined: N/A (July 9, 2022, 07:25 PM)mimikatz Wrote: (July 9, 2022, 07:25 PM)Erik Wrote: (July 9, 2022, 07:18 PM)mimikatz Wrote: search is vulnerable to SSTI
@(50*50)
ASP.NET Razor - Basic injection
@{
// C# code
}
Do you know of a c# one liner rev shell ?
I am working on it in burpsuite
https://www.schtech.co.uk/razor-pages-ssti-rce/
Good write up on exploit razor Did you make it work ? Posts: 22 Threads: 0 Joined: N/A (July 9, 2022, 07:42 PM)Erik Wrote: (July 9, 2022, 07:25 PM)mimikatz Wrote: (July 9, 2022, 07:25 PM)Erik Wrote: (July 9, 2022, 07:18 PM)mimikatz Wrote: search is vulnerable to SSTI
@(50*50)
ASP.NET Razor - Basic injection
@{
// C# code
}
Do you know of a c# one liner rev shell ?
I am working on it in burpsuite
https://www.schtech.co.uk/razor-pages-ssti-rce/
Good write up on exploit razor
Did you make it work ? Instead of waiting for a solution from me and leeching can you put in some effort? Posts: 57 Threads: 0 Joined: N/A (July 9, 2022, 07:45 PM)mimikatz Wrote: (July 9, 2022, 07:42 PM)Erik Wrote: (July 9, 2022, 07:25 PM)mimikatz Wrote: (July 9, 2022, 07:25 PM)Erik Wrote: (July 9, 2022, 07:18 PM)mimikatz Wrote: search is vulnerable to SSTI
@(50*50)
ASP.NET Razor - Basic injection
@{
// C# code
}
Do you know of a c# one liner rev shell ?
I am working on it in burpsuite
https://www.schtech.co.uk/razor-pages-ssti-rce/
Good write up on exploit razor
Did you make it work ?
Instead of waiting for a solution from me and leeching can you put in some effort? I'm literally asking you if you succeeded cause I've already tried it and it didn't for me, didn't ask you to tell me how you did it Posts: 24 Threads: 0 Joined: N/A Its simple java ssti. Red Panda Search | Made with Spring Boot - spring framework
https://javamana.com/2021/11/20211121071046977B.html
try to use use *{} instead of ${} It's OK, too Posts: 21 Threads: 0 Joined: N/A (July 9, 2022, 08:05 PM)noone9001 Wrote: ssh
woodenk:RedPandazRule How did you get this? |
