ActiveScanPlusPlus icon indicating copy to clipboard operation
ActiveScanPlusPlus copied to clipboard
verified publisher icon albinowax

add some new scans

Open dorkerdevil opened this issue 6 years ago • 2 comments

add detection of

jexl injection and Hubl Injection

dorkerdevil avatar Feb 19 '19 03:02 dorkerdevil

Do you have sample test code and vulnerable images? I'm not personally familiar with either tactic.

chriselgee avatar Feb 19 '19 21:02 chriselgee

i have some articles on it which have some info https://appcheck-ng.com/advisory-remote-code-execution-traccar-server/ jexl- https://blog.csdn.net/aqzwss/article/details/70225883 https://twitter.com/pyn3rd/status/1097519440089047041

hubl injection https://www.betterhacker.com/2018/12/rce-in-hubspot-with-el-injection-in-hubl.html

dorkerdevil avatar Feb 20 '19 08:02 dorkerdevil