Server-Side Template Injection with Custom Exploit

Authors

  • Rushi Mamtora  School of Information Technology, Artificial Intelligence, and Cyber Security, Rashtriya Raksha University, Gandhinagar, Gujarat, India
  • Dr. Priyanka Sharma  School of Information Technology, Artificial Intelligence, and Cyber Security, Rashtriya Raksha University, Gandhinagar, Gujarat, India

DOI:

https://doi.org//10.32628/IJSRSET218318

Keywords:

Cyber Security, Vulnerability, Templates, Websecurity, Remote Code Execution, Directory Path Traversal.

Abstract

Cyber attacks are getting progressively incessant, causing a great deal of harm. Attackers take our valuable information by compromising web application security loopholes. Dynamic content that is being incorporated into the html that has been served to the client. assume when you open a site page then you see your name so that is dynamic substance for each client who additionally at any point visits that page. We can inject input fields and they are shipped off the web worker. So ,we need to check for all information handled whose worth is reflected in some structure to get the prepared payload. Then attempt to misuse it dependent on the layouts. This paper discusses the idea of an template injection and its impact on template based web application

References

  1. Vijit Das Noyon, Yeahia Md Abid , Md. Maruf Hassan , Md. Hasan Sharif, Fabiha Nawar Deepa, Rayhanul Islam Rumel, Rafita Haque, Samia Nasrin, Moniruz Zaman. A Study of Ajax Template Injection in Web Applications.  https://www.researchgate.net/publication/326668286_A_Study_of_Ajax_Template_Injection_in_Web_Applications
  2. M. I. Ahmed, M. M. Hassan, and T. Bhuyian. Local File Disclosure Vulnerability: A Case Study of Public-Sector Web Applications https://www.researchgate.net/publication/322236714_Local_File_Disclosure_Vulnerability_A_Case_Study_of_Public-Sector_Web_Applications
  3. Hossain Shahriar, Sarah M. North, YoonJi Lee and Roger Hu. Server-side code injection attack detection based on Kullback-Leibler distance.  https://www.researchgate.net/publication/280768581_Server-Side_Code_Injection_Attack_Detection_Based_on_Kullback-Leibler_Distance
  4. Yunhui Zheng, Xiangyu Zhang. Path sensitive static analysis of web applications for remote code execution vulnerability detection https://ieeexplore.ieee.org/document/6606611
  5. Gary Wassermann; Zhendong Su. Static detection of cross-site scripting vulnerabilities. https://ieeexplore.ieee.org/document/4814128

International Journal of Scientific Research in Science, Engineering and Technology

Downloads

Published

2021-06-30

Issue

Volume 8, Issue 3, May-June-2021

Section

Research Articles

License

Copyright (c) IJSRSET

Creative Commons License

This work is licensed under a Creative Commons Attribution 4.0 International License.

How to Cite

[1]
Rushi Mamtora, Dr. Priyanka Sharma, " Server-Side Template Injection with Custom Exploit, International Journal of Scientific Research in Science, Engineering and Technology(IJSRSET), Print ISSN : 2395-1990, Online ISSN : 2394-4099, Volume 8, Issue 3, pp.105-108, May-June-2021. Available at doi : https://doi.org/10.32628/IJSRSET218318