mirror of
https://github.com/danielmiessler/SecLists.git
synced 2025-04-27 17:26:29 -04:00
Update
This commit is contained in:
cbk914
parent
52fc87a1fc
commit
d2a20595fc
2 changed files with 80 additions and 80 deletions
|
|
@ -1,78 +1,78 @@
|
|||
# The objective of this dictionary is to help to discover the template engine used
|
||||
# once a evaluation of a template expression was detected via the following dictionary:
|
||||
# https://github.com/danielmiessler/SecLists/blob/master/Fuzzing/template-engines-expression.txt
|
||||
# Special variables are grouped by template engine in order to facilitate the identification.
|
||||
# Use the term between the expression syntax identified as evaluated like "{{ xxx }}" for example.
|
||||
#
|
||||
# Indicate to your fuzzer to ignore a line starting with: "# " (space is important)
|
||||
# You can also filter the dictionary before to use it via the command: grep -v "# " > dict.txt
|
||||
#
|
||||
# Sources:
|
||||
# https://portswigger.net/research/server-side-template-injection
|
||||
# https://github.com/epinna/tplmap
|
||||
# Custom personal labs
|
||||
#
|
||||
# GENERIC: To cause an error and perhaps get technical information
|
||||
1/0
|
||||
# FREEMARKER (JAVA)
|
||||
# https://freemarker.apache.org/docs/ref_specvar.html
|
||||
.version
|
||||
.current_template_name
|
||||
.locale_object
|
||||
# JINJA2 (PYTHON)
|
||||
# https://jinja.palletsprojects.com/en/2.11.x/templates/#debug-statement
|
||||
# https://stackoverflow.com/a/40346872/451455
|
||||
self._TemplateReference__context
|
||||
# DJANGO (PYTHON)
|
||||
# https://docs.djangoproject.com/en/3.1/ref/settings/
|
||||
settings
|
||||
settings.DEBUG
|
||||
settings.DATABASES
|
||||
settings.SECRET_KEY
|
||||
# PUG (NODEJS)
|
||||
# https://pugjs.org
|
||||
# In case of hit then use "Object.keys(VAR_NAME)" to explore the object properties
|
||||
# Self object is available if the "self" options is set to true
|
||||
self
|
||||
# Payload below are more NodeJS related
|
||||
locals
|
||||
global
|
||||
# ERB (RUBY)
|
||||
# https://ruby-doc.org/stdlib-2.7.1/libdoc/erb/rdoc/ERB.html
|
||||
ERB.version()
|
||||
# TORNADO (PYTHON)
|
||||
# https://www.tornadoweb.org/en/stable/template.html
|
||||
# Presence of variables with a name starting with "_tt_" indicate usage of Tornado
|
||||
locals()
|
||||
globals()
|
||||
# TWIG (PHP)
|
||||
# https://twig.symfony.com/doc/3.x/
|
||||
_self
|
||||
_self.getTemplateName().__toString
|
||||
_context
|
||||
_context|length
|
||||
_context|keys|first
|
||||
constant('Twig_Environment::VERSION')
|
||||
constant('Twig_Environment::VERSION_ID')
|
||||
constant('Twig_Environment::EXTRA_VERSION')
|
||||
# VELOCITY (JAVA)
|
||||
# http://velocity.apache.org/tools/devel/generic.html
|
||||
$context.keys
|
||||
$context.TOOLS_VERSION
|
||||
$field.in("org.apache.velocity.runtime.VelocityEngineVersion")
|
||||
$field.in("org.apache.velocity.runtime.RuntimeConstants")
|
||||
# THYMELEAF (JAVA)
|
||||
# https://www.thymeleaf.org/doc/tutorials/3.0/usingthymeleaf.html#variables
|
||||
# https://www.thymeleaf.org/doc/tutorials/3.0/usingthymeleaf.html#execution-info
|
||||
#execInfo
|
||||
#execInfo.templateStack
|
||||
#execInfo.templateStack[0].getClass.forName("org.thymeleaf.Thymeleaf").getField("VERSION").get(null)
|
||||
execInfo
|
||||
execInfo.templateStack
|
||||
execInfo.templateStack[0].getClass.forName("org.thymeleaf.Thymeleaf").getField("VERSION").get(null)
|
||||
# SMARTY (PHP)
|
||||
# https://www.smarty.net/docs/en/language.syntax.variables.tpl
|
||||
# https://www.smarty.net/docs/en/language.variables.smarty.tpl#language.variables.smarty.config
|
||||
$smarty.version
|
||||
$smarty.config
|
||||
$smarty.template
|
||||
# The objective of this dictionary is to help to discover the template engine used
|
||||
# once a evaluation of a template expression was detected via the following dictionary:
|
||||
# https://github.com/danielmiessler/SecLists/blob/master/Fuzzing/template-engines-expression.txt
|
||||
# Special variables are grouped by template engine in order to facilitate the identification.
|
||||
# Use the term between the expression syntax identified as evaluated like "{{ xxx }}" for example.
|
||||
#
|
||||
# Indicate to your fuzzer to ignore a line starting with: "# " (space is important)
|
||||
# You can also filter the dictionary before to use it via the command: grep -v "# " > dict.txt
|
||||
#
|
||||
# Sources:
|
||||
# https://portswigger.net/research/server-side-template-injection
|
||||
# https://github.com/epinna/tplmap
|
||||
# Custom personal labs
|
||||
#
|
||||
# GENERIC: To cause an error and perhaps get technical information
|
||||
1/0
|
||||
# FREEMARKER (JAVA)
|
||||
# https://freemarker.apache.org/docs/ref_specvar.html
|
||||
.version
|
||||
.current_template_name
|
||||
.locale_object
|
||||
# JINJA2 (PYTHON)
|
||||
# https://jinja.palletsprojects.com/en/2.11.x/templates/#debug-statement
|
||||
# https://stackoverflow.com/a/40346872/451455
|
||||
self._TemplateReference__context
|
||||
# DJANGO (PYTHON)
|
||||
# https://docs.djangoproject.com/en/3.1/ref/settings/
|
||||
settings
|
||||
settings.DEBUG
|
||||
settings.DATABASES
|
||||
settings.SECRET_KEY
|
||||
# PUG (NODEJS)
|
||||
# https://pugjs.org
|
||||
# In case of hit then use "Object.keys(VAR_NAME)" to explore the object properties
|
||||
# Self object is available if the "self" options is set to true
|
||||
self
|
||||
# Payload below are more NodeJS related
|
||||
locals
|
||||
global
|
||||
# ERB (RUBY)
|
||||
# https://ruby-doc.org/stdlib-2.7.1/libdoc/erb/rdoc/ERB.html
|
||||
ERB.version()
|
||||
# TORNADO (PYTHON)
|
||||
# https://www.tornadoweb.org/en/stable/template.html
|
||||
# Presence of variables with a name starting with "_tt_" indicate usage of Tornado
|
||||
locals()
|
||||
globals()
|
||||
# TWIG (PHP)
|
||||
# https://twig.symfony.com/doc/3.x/
|
||||
_self
|
||||
_self.getTemplateName().__toString
|
||||
_context
|
||||
_context|length
|
||||
_context|keys|first
|
||||
constant('Twig_Environment::VERSION')
|
||||
constant('Twig_Environment::VERSION_ID')
|
||||
constant('Twig_Environment::EXTRA_VERSION')
|
||||
# VELOCITY (JAVA)
|
||||
# http://velocity.apache.org/tools/devel/generic.html
|
||||
$context.keys
|
||||
$context.TOOLS_VERSION
|
||||
$field.in("org.apache.velocity.runtime.VelocityEngineVersion")
|
||||
$field.in("org.apache.velocity.runtime.RuntimeConstants")
|
||||
# THYMELEAF (JAVA)
|
||||
# https://www.thymeleaf.org/doc/tutorials/3.0/usingthymeleaf.html#variables
|
||||
# https://www.thymeleaf.org/doc/tutorials/3.0/usingthymeleaf.html#execution-info
|
||||
#execInfo
|
||||
#execInfo.templateStack
|
||||
#execInfo.templateStack[0].getClass.forName("org.thymeleaf.Thymeleaf").getField("VERSION").get(null)
|
||||
execInfo
|
||||
execInfo.templateStack
|
||||
execInfo.templateStack[0].getClass.forName("org.thymeleaf.Thymeleaf").getField("VERSION").get(null)
|
||||
# SMARTY (PHP)
|
||||
# https://www.smarty.net/docs/en/language.syntax.variables.tpl
|
||||
# https://www.smarty.net/docs/en/language.variables.smarty.tpl#language.variables.smarty.config
|
||||
$smarty.version
|
||||
$smarty.config
|
||||
$smarty.template
|
||||
|
|
|
|||
|
|
@ -2115016,7 +2115016,7 @@ sailer99
|
|||
sailer58
|
||||
sailer40
|
||||
sailer34
|
||||
sailer1216soccer1216
|
||||
sailer1216soccer1216
|
||||
sailer1216
|
||||
sailer1
|
||||
sailer.777-ru
|
||||
|
|
@ -3566626,7 +3566626,7 @@ markchambrel
|
|||
markchallinor
|
||||
markchallender
|
||||
markchal
|
||||
markcgilberteternity2969
|
||||
markcgilberteternity2969
|
||||
markcgilbert
|
||||
markcfs
|
||||
markcfee8
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue