Bypassing HttpOnly with phpinfo file

so, why phpinfo?

Stealing ci_session with info.php file

Gist: https://gist.github.com/ls4cfk/0deb122d4e2e24ac66cd74d3edf956bf
/examples/servlets/servlet/SessionExample

--

--

--

Born at a very young age.

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

Creating a Lollipop Plot with two groups in Python

CS373 Fall 2020: Jonathon Lowe (Eleventh Entry)

Run your own mainframe using Hercules mainframe emulator and MVS 3.8j tk4

Apply (Pandas) in Python

Ebook Editing Using Macros

Serverless And Bitcoin — Creating Price Watchers Dynamically

Streaming Unzip with Go & AWS Lambda

Automate CSV file unload to AWS S3 from Snowflake using Stream, Stage, View, Stored Procedure and…

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Aleksi Kistauri

Aleksi Kistauri

Born at a very young age.

More from Medium

Unrestricted File Upload (Cloud fare Bypass )

FILE UPLOAD RESTRICTION BYPASS

Bug Bounty: Open Xmlrpc.php vulnerability on WordPress site.

Log4j Vulnerability