Description
This plugin finds eval() input injection vulnerabilities. These vulnerabilities occur in web applications when the developer passes user controlled data to the eval() function. To check for vulnerabilities of this kind, the plugin sends an echo function with two randomized strings as parameters (echo 'abc' + 'xyz'); if the resulting HTML contains the string that corresponds to the evaluation of the expression ('abcxyz'), a vulnerability has been found. Using two random strings that are only joined when the expression is actually evaluated distinguishes real evaluation from a page that merely reflects the raw input.
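The echo technique described above, as an added example that is not w3af's plugin code: it runs the probe against constructed in-process handlers (a vulnerable eval() endpoint, a hardened one, and one that only reflects input) instead of real HTTP requests, and the handler names and `seed` parameter are assumptions of this example.

```python
import ast
import random
import string

# Constructed stand-ins for an application endpoint: each takes the value of
# a request parameter and returns the response body. Not real w3af code.
def vulnerable_handler(param: str) -> str:
    # The insecure pattern the plugin looks for: user input reaches eval().
    try:
        return f"<p>{eval(param)}</p>"
    except Exception:
        return "<p>error</p>"

def hardened_handler(param: str) -> str:
    # ast.literal_eval accepts only literals (numbers, strings, tuples, ...);
    # a string concatenation expression raises ValueError instead of running.
    try:
        return f"<p>{ast.literal_eval(param)}</p>"
    except (ValueError, SyntaxError):
        return "<p>error</p>"

def reflecting_handler(param: str) -> str:
    # Echoes the input verbatim without evaluating it; a naive single-string
    # probe would flag this as vulnerable, the two-string probe does not.
    return f"<p>{param}</p>"

def make_echo_probe(seed=None, length: int = 8):
    """Return (payload, marker). The payload concatenates two random strings
    in the page's echo 'abc' + 'xyz' form; the marker is the joined value,
    which only appears in a response if the expression was evaluated."""
    rng = random.Random(seed)
    a = "".join(rng.choice(string.ascii_lowercase) for _ in range(length))
    b = "".join(rng.choice(string.ascii_lowercase) for _ in range(length))
    return f"'{a}' + '{b}'", a + b

def eval_injection_detected(handler, seed=None) -> bool:
    """Send the probe to a handler and report whether the response body
    contains the evaluated marker (the plugin's use_echo check)."""
    payload, marker = make_echo_probe(seed)
    return marker in handler(payload)
```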
Plugin type
Options
| Name | Type | Default Value | Description | Help |
|------|------|---------------|-------------|------|
| use_time_delay | boolean | True | Use time delay (sleep() technique) | If set to True, w3af will check for insecure eval() usage by analyzing the time delay in the result of script execution. |
| use_echo | boolean | True | Use echo technique | If set to True, w3af will check for insecure eval() usage by grepping the result of script execution for the test strings. |
Source
For more information about this plugin and the associated tests, there is always the source code to understand exactly what is under the hood:
Plugin source code
Unittest source code
Dependencies
This plugin has no dependencies.