Hackers of India

WebApp Remote Code Execution using Server Side Scripting Engines

 Rahul Sasi 

2012/08/03

Abstract

Remote code execution in web application is as critical as it sounds . The most followed methods to achieve code executions in web applications Pentest|Attack are via LFI|RFI|SQL injections attacks. Where you have un validated inputs passed on to critical (asp,php,java) function calls|Databases. This talk would be extending the code executions surface by trying to attacks the FrameWorks and Scripting Engines via Web Apps.