Release v1.1.3

0xn3va released this 14 May 18:00 · 7 commits to main since this release · 382e3bb

Added

  • Argument injection 0437b2f
    • awk
      • Command execution via system()
    • curl
      • Reading/writing/exfiltrating local files
    • find
      • Command execution via exec and execdir
      • Writing local files using fprintf
    • git
      • Command execution via core.pager in .git/config
      • git-diff
        • Reading local files using --no-index or diff against /dev/null
      • git-fetch
        • Command execution via --upload-pack
      • git-fetch-pack
        • Command execution via --upload-pack and --exec
      • git-grep
        • Command execution via -O/--open-files-in-pager
      • git-ls-remote
        • Command execution via --upload-pack
      • git-pull
        • Command execution via --upload-pack
    • ssh
      • Command execution via LocalCommand in ssh_config
    • ssh-keygen
      • Command execution via -D
    • tar
      • Command execution via --to-command
      • Command execution via -I/--use-compress-program
    • wget
      • Reading/writing/exfiltrating local files
    • zip
      • Command execution via -TT/--unzip-command
  • Docker Escaping 00adf5f
    • PID Namespace Sharing
  • Spring 33127c1
    • useSuffixPatternMatch misconfiguration
  • Command injection dac29c7
    • Link to an article that describes a case of remote LD_PRELOAD exploitation

Updated

  • Parameter Injection was renamed to Argument Injection 0437b2f
  • GitHub Actions 351807c
    • Changes to .github/workflow from forks using GITHUB_TOKEN are prohibited (including merging pull requests)
  • Cookie Security 28fb2ab
    • Tiny notes