Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

Twig PHP <2.4.4 template engine - SSTI

By kannthu

High
Vidoc logoVidoc Module
#php#ssti#twig
Description

What is the "Twig PHP <2.4.4 template engine - SSTI" module?

The "Twig PHP <2.4.4 template engine - SSTI" module is designed to detect a vulnerability in the Twig PHP template engine. This vulnerability allows remote attackers to execute arbitrary commands through a Server-Side Template Injection (SSTI) attack. The severity of this vulnerability is classified as high.

Impact

If exploited, this vulnerability can lead to unauthorized remote code execution on the target system. Attackers can inject malicious code into templates, which will be executed on the server-side, potentially compromising the entire application and its underlying infrastructure.

How the module works?

The module sends an HTTP GET request to the target system with a specific search parameter. The request path is "/search?search_key={{1337*1338}}". The module then checks the response body for the presence of the word "1788906" and verifies that the response status is not 404 (negative match). If both conditions are met, the module reports a vulnerability.

This module is part of the Vidoc platform, which utilizes various modules to perform scanning for misconfigurations, vulnerabilities, and software fingerprinting.

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET/search?search_key=%...
Matching conditions
word: 1788906and
NOT status: 404
Passive global matcher
No matching conditions.
On match action
Report vulnerability