SSI - Server Side Includes attack

-
The Server-Side Includes attack allows the exploitation of a web application by injecting scripts in HTML pages or executing arbitrary codes remotely. It can be exploited through manipulation of SSI in use in the application or force its use through user input fields.

Refer below Video for Exploit demo:




In this video, NETCAT is used to take Reverse Shell by exploiting SSI.

Reference:
http://www.javascriptkit.com/howto/ssi.shtml
https://httpd.apache.org/docs/2.4/howto/ssi.html
https://www.owasp.org/index.php/Server-Side_Includes_(SSI)_Injection
http://www.freewebmasterhelp.com/tutorials/ssi

Comments

Post a Comment

Popular posts from this blog

JTAG PIN Identification

-
Image
My Setup Parrot Linux Arduino UNO Broadlink RM Mini  Software Arduino IDE JTAGEnum ( https://github.com/cyphunk/JTAGenum ) JTAG PINS to be Identified TCK   - Test Clock TMS  - Test Mode  TDI   - Test Data IN TDO  - Test Data Out GND  - Ground Hardware Connection Set up Connect Laptop and Arduino (USB cable) Arduino Digital PIN (any 5 pins) to RM Mini (5 pins) [Except 1 - VCC and 1 - GND] Note: If you are using JTAGENUM, the JTAGenum sketch uses the DIGITAL PIN from 2 to 11. Refer the line number 72(ino file) Software Connection Set up Download the INO sketch from the github Open the Arduino IDE and Load the downloaded JTAGEnum sketch Choose the correct Serial Port and Board Compile and Upload the sketch Open the Serial Monitor Set the correct baud rate Enter the command to scan ("s") Arduino PIN Layout Digital PIN 2(Black) Digital PIN 3(White) Digital PIN 4(Grey)
Read more
-
Image
Rubber Ducky - Arduino UNO Configuration for Arduino UNO Board: Download and install the Latest version of Arduino ( Recommended : Linux/Mac) Download Boot-loader Sketch(INO) from reference URL Open the INO file in the Arduino IDE Connect a Plain(no other wire connection) Arduino UNO to Laptop via USB cable In Arduino IDE, Select Tools->Board->Arduino/Genuino UNO In Arduino IDE, Select Tools->Port->ttyACM0 [Yours could be different. Use dmesg command to identify] Verify and Upload the Code Wait for the message “Upload Done” and Disconnect the USB cable  Make the cable connection as per the below screenshot attached Connect the USB cable again back to laptop and the boot loader will install by itself Wait for 1 to 2 min till the boot-loader get installed Disconnect USB cable from the laptop and disconnect all the jump wire and make the board plain Configuration for Arduino IDE: Connect the Board to laptop via USB cable Navigate File->Pref
Read more

CWE vs CVE

-
CWE: The Common Weakness Enumeration (CWE) is a formal list of software weakness types created to Serve as a common language for describing software security weaknesses in architecture, design, or code.  Reference: http://cwe.mitre.org/about/index.html   CVE: CVE is a list of information security vulnerabilities and exposures that aims to provide common names for publicly known problems. Reference: http://cve.mitre.org/about/terminology.html http://cve.mitre.org/about/index.html Difference (CWE vs CVE): Software vulnerability is a collection of one or more weaknesses that contain the possible way for an attacker to perform unintended behavior. So a weakness is a patterns or behaviors, a group of weakness or a single weakness may help to perform unintended behavior. In other word, When the weakness can be used by an attacker against the software then that's a vulnerability. For example , If an address parameter in register page is not properly validated
Read more