Detections
Analytics
Code Injection (Php://input Wrapper)
Description
A modern web application will be reliant on several different programming languages.
These languages can be broken up in two flavours. These are client-side languages (such as those that run in the browser -- like JavaScript) and server-side languages (which are executed by the server -- like ASP, PHP, JSP, etc.) to form the dynamic pages (client-side code) that are then sent to the client.
Because all server-side code should be executed by the server, it should only ever come from a trusted source.
Code injection occurs when the server takes untrusted code (ie. from the client) and executes it.
Cyber-criminals will abuse this weakness to execute arbitrary code on the server, which could result in complete server compromise.
Scanner was able to inject specific server-side code via a PHP wrapper (`php://input`) and have the executed output from the code contained within the server response. This indicates that proper input sanitisation is not occurring.
Products, Sensors, and Dependencies
| Product | Dependencies | Data source | Access required | Protocol | Data Collected | Notes |
|---|---|---|---|---|---|---|
| Tenable Web App Scanning | Web Applications | Authenticated Scan | HTTP/HTTPS | Code Injection | Plugin IDs: 98121 |
References
Attack Path Technique Details
Framework: OWASP
Family: Injection
Technique: Code Injection
Sub-Technique: PHP Object Injection
Platform: Web Application
Products Required: Tenable Web App Scanning
Tenable Release Date: 2022 Q2