Name: DotJS Scanner
This scanner detects the use of DotJS in digital assets. It checks for Server Side Template Injection vulnerabilities, providing essential protection against potential security threats.
Short Info
Level
Single Scan
Can be used by: Asset Owner
Estimated Time: 10 seconds
Time Interval: 3 weeks 21 hours
Scan only one: URL
DotJS is a fast template engine used by web developers to simplify the rendering of dynamic web pages. It is commonly integrated into web applications that require dynamic server-side logic to display customized content. Many companies and individuals utilize DotJS to structure their web content, benefiting from its flexibility and high performance.
This scanner focuses on detecting Server Side Template Injection (SSTI), a critical vulnerability that occurs when user input is treated as part of a template and evaluated on the server. By exploiting SSTI, attackers can execute arbitrary code on the server, potentially compromising the entire application. The vulnerability is particularly dangerous because, if not properly mitigated, it can bypass conventional security measures.
The SSTI vulnerability detected by this scanner typically manifests in web applications that improperly handle user input or fail to sanitize data before rendering a page. The scanner uses special payloads designed to manipulate template syntax, aiming to uncover injection points. Such points can occur within query parameters, HTTP headers, or other user-controlled input fields.
If an SSTI vulnerability is exploited, attackers might gain unauthorized access to sensitive server-side operations or data. Advanced exploitation could lead to full remote code execution, posing a severe risk to the integrity and confidentiality of the affected system. Other impacts might include data leakage, system compromise, and application downtime.