Found injection in POST parameter on website made with Spring.
Payload: #{7*7}
Response: You searched for: ??49_en_US??
Command: ./tplmap.py -X POST -d name=AAonDRyz -u 'url' --proxy=127.0.0.1:8080
When testing with tplmap no injectable parameters were found. I checked the requests tplmap makes, and all requests containing payloads with #{ were surrounded with single or double quotes and were not detected.
Example:
Payload: "#{95*58}"
Response: You searched for: "#{95*58}"
Example 2:
Payload: '#{2+2}'
Response: You searched for: #{2+2}
I was recently facing an issue described here: #103, and removed Twig from the plugin array in /core/checks.py. Maybe some checks are skipped now.
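The report above shows the core of what a template-injection check has to decide: whether the server evaluated the arithmetic probe (the bare #{7*7} came back as ??49_en_US??) or merely echoed it (the quoted variants came back as literal text). The following is an added example, not tplmap's own code, of that response classification run over sample responses constructed to mirror the three cases in this issue; the sample strings, function names and the `??<result>_<locale>??` shape are taken from the report, nothing else is assumed about the target.

```python
import re

# Constructed sample responses modelled on the three cases in the issue
# (not captured from any real site). Each entry is (payload sent, body returned).
SAMPLE_RESPONSES = {
    "bare":          ("#{7*7}",     "You searched for: ??49_en_US??"),
    "double_quoted": ('"#{95*58}"', 'You searched for: "#{95*58}"'),
    "single_quoted": ("'#{2+2}'",   "You searched for: #{2+2}"),
}


def expected_value(expr: str) -> int:
    """Compute the result of a tiny arithmetic probe (int op int, op in + or *).

    Deliberately avoids eval(): the probe grammar is restricted so the scanner
    never executes attacker-controllable text locally.
    """
    if not re.fullmatch(r"\d+\s*[+*]\s*\d+", expr):
        raise ValueError(f"unsupported probe expression: {expr!r}")
    a, op, b = re.split(r"\s*([+*])\s*", expr)
    return int(a) * int(b) if op == "*" else int(a) + int(b)


def classify(payload: str, body: str) -> str:
    """Classify how a response treated an arithmetic #{...} probe.

    Returns one of:
      "evaluated" - the computed result appears and the literal probe does not
      "reflected" - the probe text came back unchanged (no evaluation happened)
      "absent"    - neither the probe nor its result is present in the body
    """
    m = re.search(r"#\{([^}]*)\}", payload)
    if m is None:
        raise ValueError("payload does not contain a #{...} probe")
    literal = m.group(0)                      # e.g. '#{7*7}'
    result = str(expected_value(m.group(1)))  # e.g. '49'
    if literal in body:
        # Quoted or otherwise escaped probe echoed verbatim: not evaluated.
        return "reflected"
    # Match the result only as a standalone number so '49' inside '?49_en_US?'
    # counts but '49' inside '1490' does not.
    if re.search(rf"(?<!\d){re.escape(result)}(?!\d)", body):
        return "evaluated"
    return "absent"


def run_samples(samples=SAMPLE_RESPONSES) -> dict:
    """Classify every constructed sample; returns {name: verdict}."""
    return {name: classify(payload, body) for name, (payload, body) in samples.items()}


if __name__ == "__main__":
    for name, verdict in run_samples().items():
        print(f"{name:14s} -> {verdict}")
```

The literal-probe check runs first on purpose: a body that echoes "#{95*58}" unchanged must never be reported as evaluated even if the product happens to appear elsewhere on the page. In a real scan the operands should be randomised per request so the expected product is unlikely to occur naturally in the response, and the bare (unquoted) probe must be among the variants sent, which is exactly the gap the report describes.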