Details

Category: Vulnerabilities

Publisher: trickest

Created Date: 9/7/2021

Container: quay.io/trickest/tplmap:6f21501

Source URL: https://github.com/epinna/tplmap

Parameters

url
string
required
Command: --url - Target URL.
proxy
string
Command: --proxy - Use a proxy to connect to the target URL
cookie
string
Command: -c - Cookies (e.g. 'Field1=Value1').
header
string
Command: -H - Extra headers (e.g. 'Header1: Value1').
tpl-code
string
Command: --tpl-code - Inject code in the template engine.
post-data
string
Command: --data - Data string to be sent through POST. It must be as query string: param1=value1&param2=value2.
technique
string
Command: -t - Techniques R(endered) T(ime-based blind). Default: RT.
user-agent
string
Command: -A - HTTP User-Agent header value.
force-level
boolean
Command: --force-level - Force a LEVEL and CLEVEL to test.
http-method
string
Command: -X - Force usage of given HTTP method (e.g. PUT).
upload-file
file
Command: --upload - Upload file to target.
injection-tag
string
Command: --injection-tag - Use string as injection tag (default '*').
backend-engine
string
Command: -e - Force back-end template engine to this value.
os-cmd-to-execte
string
Command: --os-cmd - Execute an operating system command.
level-code-context
string
Command: --level - Level of code context escape to perform (1-5, Default:1).
force-overwrite-uploaded-files
boolean
Command: --force-overwrite - Force file overwrite when uploading.