SSJS Web Shell Injection

SSJS Web Shell Injection

Objective of this exercise is to know how Vulnerabilities in Node.js applications, allow Server Side Javascript (SSJS) Injection. See advisory CVE-2014-7205discovered in a Bas master plugin which allows arbitrary Javascript injection. This demo application will only allow a single user input selection to keep things simple.

 Download Lab Manual

Trillium Institute of Security Professionals (TISP)

TISP looks to counter information security threats by educating those who are in the field of information security. Read More

Keep in Touch

www.tisp.com.pk
This email address is being protected from spambots. You need JavaScript enabled to view it.
+92 51 5524181-2
+92 51 556 8044
10th Floor, AWT Plaza, 5 - The Mall, Rawalpindi, Pakistan

Get Map

Trilium Information Security System

Latest News

02
Mar2014

CSO Insight Sessions-2015

TISS sponsored the Tri-City CSO Insight Sessions. These sessions were comprised of Roundtable Discussion Sessions in Islamabad,...

03
Mar2014

InfoSec Conference – 2014

TISS, sponsored the InfoSec 2014 conference at Pearl Continental Hotel, Karachi. CEO of TISS, Mr. Mahir Mohsin,...

05
Mar2014

E Banking Conference ...

Participation as Co-Sponsor in 12th e-Banking International Conference Exhibition in Pakistan at Pearl Continental Hotel,...

06
Mar2014

CSO Central Sessions-2014

Trillium Information Security Systems (TISS) in collaboration with CIO Pakistan powered by IDG for...

10
Mar2014

InfoSec 2013

TISS, sponsored the InfoSec 2013 conference at Pearl Continental Hotel, Karachi.

11
Mar2014

CISO Summit – ITCN ASIA...

TISS, sponsored the CISO Summit conference held at ITCN Asia 2012 and Mr. Mahir Mohsin Sheikh, CEO...

11
Mar2014

Ethical Hacking Training

Trillium Institute of Security Professional organized Onsite 5 days Ethical Hacking Training by combing two of the...

14
Mar2014

Info Security Conference 2014

Info Sec 2014 was organized by the Total Communications with the support of ISACA, Karachi Chapter, Experienced...

01
Sep2015

Introducing New Courses

As a tradition of introducing new courses Trillium Institute of Security Professional organized its first 5 days...

05
Jan2016

Successful Ethical Hacking Training of...

World’s Youngest Microsoft Certified Professionals Rooma Syedain, Inam Ali Syedain Subhan aged 10 years, 9...

26
Aug2016

Successful EC Council Certified Security...

Trainer Zeeshan Akram of the Trillium Institute of Security Professionals successfully completed EC-Council Certified Security Analyst v9...

18
Nov2016

Successful EC Council Certified Ethical...

Trillium Institute of Security Professionals has successfully completed EC Council Certified Ethical Hacker v9 (CEHv9) training organized...

16
Dec2016

Successful Mobile Application Security Testing...

Trillium Institute of Security Professionals has successfully completed a 10 Day Onsite Mobile Application Security Testing Training...

«
»

UpComing Trainings

  • Recent Projects
  • Recent Projects
  • Recent Projects
  • Recent Projects