Категории

Server Side JavaScript Injection

Опубликовано: 18 Октябрь 2021
на канале: CyberSecurityTV
4,551
89

Thank you for watching the video :
Server Side JavaScript Injection

Server-side JavaScript (SSJS) is integral to many NoSQL databases such as MongoDB and Neo4j, and the web server framework Node.js is also built on SSJS. Server Side JavaScript injection is the ability for a user to inject code that will in turn be evaluated by the server, and therefore would allow an attacker to potentially execute arbitrary code under the context of the server and interaction with the filesystem, which may lead to the full compromise of the host.

Denial of Service conditions is also possible, by killing the process or entering an infinite loop as NodeJS runs in a single thread.

In this episode, we will discuss what is SSJI and will see a demo of the exploitation.

ABOUT OUR CHANNEL📜
Cyber Security is a non-profit initiative taken by security professionals. Here we are uploading a series of videos to learn and get expertise in various domains of security. We are teaching tools, techniques, and methods which can be used on penetration testing assignments.

📌CHECK OUT OUR OTHER VIDEOS
▶️ Advance File Upload Exploit | Double Extension
   • Advanced File Upload Exploit | Double...  
▶️ OWASP ZAP For Beginners | Form Authentication
   • OWASP ZAP For Beginners | Form Authen...  
▶️ Insecure Deserialization | OWASPT Top 10
   • Insecure Deserialization | OWASPT Top 10  
▶️ HTTP Security Headers | Part 02
   • HTTP Security Headers | X-Frame-Optio...  

FOLLOW US ON SOCIAL
▶️Security Blog
https://bhaumikshah04.blogspot.com/
▶️Facebook
  / infosecforstarters  


#owasptop10 #webapppentest #appsec #applicationsecurity #apitesting #apipentest #cybersecurityonlinetraining #freesecuritytraining #penetrationtest #ethicalhacking #pentestforbegineers #ethicalhackingforbeginners #modernwebappattacks #serversidejavascriptinjection #ssji #injection #serversideinjection


Related Searches:
javascript injection example
javascript injection password
server side javascript injection reverse shell
server side javascript injection payloads
server side javascript exploit

play_arrow
5,500
403

Triono comal vs Mariaban Jin Peniru

Triono comal vs Mariaban Jin Peniru
play_arrow
168
1

Сармат — новейшая межконтинентальная баллистическая ракета России

Сармат — новейшая межконтинентальная баллистическая ракета России
play_arrow
259
5

Armenian Wedding Cake

Armenian Wedding Cake
play_arrow
2,907
92

КОМАНДА ТОНИ ФЕРГЮСОНА ЖЕСТКО ОТВЕТИЛА ХАБИБУ НУРМАГОМЕДОВУ НА ЕГО СЛОВА ПОДДЕРЖКИ! UFC-249

КОМАНДА ТОНИ ФЕРГЮСОНА ЖЕСТКО ОТВЕТИЛА ХАБИБУ НУРМАГОМЕДОВУ НА ЕГО СЛОВА ПОДДЕРЖКИ! UFC-249
play_arrow
263
4

vivo v 40 pro bbd sale price | vivo v 40 pro in big billion day sale

vivo v 40 pro bbd sale price | vivo v 40 pro in big billion day sale
play_arrow
13,447
206

OMSI 2 – LiAZ 2020 Electrobus [6274.02]

OMSI 2 – LiAZ 2020 Electrobus [6274.02]
play_arrow
113
2

Лучший Танк На Районе - Грок, Mobile Legends

Лучший Танк На Районе - Грок, Mobile Legends
play_arrow
1,970
33

14-Configuring BRAS, Interface Dialer 0

14-Configuring BRAS, Interface Dialer 0
Похожие видео
play_arrow
JWT Security Vulnerabilities | CyberSecurityTv

JWT Security Vulnerabilities | CyberSecurityTv
play_arrow
JWT Explained in Depth | CyberSecurityTv

JWT Explained in Depth | CyberSecurityTv
play_arrow
What is HIPAA Compliance? | CybersecurityTv

What is HIPAA Compliance? | CybersecurityTv
play_arrow
Security Vulnerabilities in OAuth | OAuth Intro and Risks

Security Vulnerabilities in OAuth | OAuth Intro and Risks
play_arrow
What are OAuth Security Vulnerabilities | CybersecurityTv

What are OAuth Security Vulnerabilities | CybersecurityTv
play_arrow
Tips for Secure Code Review | CybersecurityTv

Tips for Secure Code Review | CybersecurityTv
play_arrow
Cryptography and Blockchain

Cryptography and Blockchain
play_arrow
Session and Federation #Shorts

Session and Federation #Shorts
play_arrow
What are Session and Federation Management Techniques

What are Session and Federation Management Techniques
play_arrow
How to use OWASP Security Knowledge Framework | CyberSecurityTV

How to use OWASP Security Knowledge Framework | CyberSecurityTV
play_arrow
Difference and Advantages of VPC, ACL and SG | CyberSecurityTV

Difference and Advantages of VPC, ACL and SG | CyberSecurityTV
play_arrow
Real World CSP Evaluation | CyberSecurityTV

Real World CSP Evaluation | CyberSecurityTV
play_arrow
PGP Generation | CyberSecurityTV

PGP Generation | CyberSecurityTV
play_arrow
How To Generate Secure PGP Keys | CyberSecurityTV

How To Generate Secure PGP Keys | CyberSecurityTV
play_arrow
How to answer API security questions in an Interview? | CyberSecurityTV

How to answer API security questions in an Interview? | CyberSecurityTV
play_arrow
Encryption Basics | CyberSecurityTV

Encryption Basics | CyberSecurityTV
play_arrow
ZAP Active Scan | CyberSecurityTV

ZAP Active Scan | CyberSecurityTV
play_arrow
OWASP ZAP Active Scan | CyberSecurityTV

OWASP ZAP Active Scan | CyberSecurityTV
play_arrow
Secure File Sharing - Part 02 | CyberSecurityTV

Secure File Sharing - Part 02 | CyberSecurityTV
play_arrow
Secure File Send | CyberSecurityTV

Secure File Send | CyberSecurityTV
play_arrow
File Sharing Risks Email and Cloud | CyberSecurityTV

File Sharing Risks Email and Cloud | CyberSecurityTV
play_arrow
Dark Web Chat Tips | CyberSecurityTV

Dark Web Chat Tips | CyberSecurityTV
play_arrow
Dark Web Secure Chat | Pidgin

Dark Web Secure Chat | Pidgin
play_arrow
Pynt API Security Testing Revolution | CyberSecurityTV

Pynt API Security Testing Revolution | CyberSecurityTV