WebApp Sec: Serverside script injection?

Serverside script injection?

From: joh ket <johket_at_hotmail.com>
Date: 10 Jan 2003 09:05:31 -0000
Hi there.

I have a question regarding serverside script injection. Does it exist -
is it possible?

In the past there were some vulnerabilities in server-side scripts. It was
possible to execute OS commands through URL/user input manipulation;
I assume this happened mostly with CGI and Perl scripts. Was this just
based on the way the variables (user input) were used in OS commands,
and whether the 'user data' was able to break out of the intended command?

I think it depends on the application server software whether 'server-side
script injection' is possible or not (assuming the programmer/coder does not
want any security). In my opinion the most important thing is the way that the
application server handles variables. The possibility for variables to
contain commands...

Is it (theoretically) possible on ASP servers to inject 'malicious' code
into the web page, so that it is processed on the server side?
Is it possible on PHP or ColdFusion?

Are there any real-life examples?
(so that I can play with it in my test lab)

Thank you for all reactions!

Regards,
Received on Jan 15 2003
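
The mechanism the post asks about in its second paragraph (user data breaking out of the intended OS command), shown as an added example that is not part of the original post. Python stands in for the CGI/Perl scripts mentioned, and the `echo` command, function names and sample inputs are constructed for illustration.

```python
import re
import shlex
import subprocess

# Constructed inputs: a plain value and one carrying a shell metacharacter.
BENIGN = "alice"
HOSTILE = "alice; echo INJECTED"


def _sh(cmd):
    """Run a command string through /bin/sh and return its stdout."""
    return subprocess.run(cmd, shell=True, capture_output=True, text=True).stdout


def lookup_vulnerable(name):
    # User data is pasted into the command string, so the shell parses it
    # and ';' ends the intended command and starts a second one.
    return _sh("echo looking up " + name)


def lookup_quoted(name):
    # Shell still involved, but the data is quoted into a single word.
    return _sh("echo looking up " + shlex.quote(name))


def lookup_argv(name):
    # No shell at all: the data is exactly one argv element of echo.
    return subprocess.run(["echo", "looking up", name],
                          capture_output=True, text=True).stdout


def lookup_validated(name):
    # Allow-list check before the value goes anywhere near a command.
    if not re.fullmatch(r"[A-Za-z0-9_-]{1,32}", name):
        raise ValueError("rejected input: %r" % name)
    return lookup_argv(name)


if __name__ == "__main__":
    for fn in (lookup_vulnerable, lookup_quoted, lookup_argv):
        print(fn.__name__, repr(fn(HOSTILE)))
```

Only `lookup_vulnerable` produces a second line of output for the hostile value; the other forms treat the whole string as data.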