firebadnofire
/
SecLists
mirror of https://github.com/danielmiessler/SecLists.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
SecLists/Pattern-Matching/grepstrings-auditing-php.md

534 B
Raw Permalink Blame History

Auditing php source code with grep

XSS

grep -Ri "echo" *

grep -Ri "\$_" * | grep "echo"

grep -Ri "\$_GET" * | grep "echo"

grep -Ri "\$_POST" * | grep "echo"

grep -Ri "\$_REQUEST" * | grep "echo"

SQL Injection

grep -Ri "$sql" *

grep -RI "mysqli(" *

grep -Ri "pdo(" *

File inclusion

grep -Ri "file_include(" *

grep -Ri "file_get_contents(" *

grep -Ri "include(" *

Command execution

grep -Ri "shell_exec(" *

grep -RIt "system(" *

grep -Ri "exec(" *