
https://github.com/tkmru/client-side-template-injection-sample

Client-Side Template Injection Sample App with AngularJS

angularjs demo-app websecurity


# Client-Side Template Injection Sample App with AngularJS
Client-side template injection vulnerabilities occur when a web application that uses a client-side template framework dynamically embeds user input into a template, so the framework evaluates the input as a template expression in the browser.
This Sinatra app has a client-side template injection vulnerability with AngularJS. Let's attack it!
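To make the server-side root cause concrete, here is an added Ruby example (not code from this repository) that renders the same kind of page fragment in a vulnerable form and in a hardened form. It assumes nothing beyond Ruby's standard `CGI.escapeHTML` and AngularJS's real `ng-non-bindable` directive; the function names and the sample input are my own. The point it shows is that HTML escaping alone does not stop client-side template injection, because `{{` and `}}` are not HTML metacharacters and survive escaping intact.

```ruby
require 'cgi'

# Constructed input shaped like the expression the README fires; it is only
# used here to inspect what the server emits, nothing executes it.
SAMPLE_INPUT = "{{constructor.constructor('alert(1)')()}}"

# Default AngularJS interpolation delimiters. Useful for auditing/logging:
# any user-controlled value matching this reaching an ng-app region is suspect.
INTERPOLATION = /\{\{.*?\}\}/m

def interpolation?(text)
  !!(text =~ INTERPOLATION)
end

# Vulnerable pattern: the parameter is HTML-escaped, so it is not a classic
# reflected XSS, but it lands as a text node inside an element AngularJS
# compiles. The compiler finds the {{ }} pair and evaluates the expression.
def render_vulnerable(query)
  <<~HTML
    <div ng-app>
      <p>Search results for: #{CGI.escapeHTML(query)}</p>
    </div>
  HTML
end

# Hardened pattern: keep untrusted text inside a subtree the compiler must
# skip. ng-non-bindable marks that subtree, so the braces stay literal text.
# HTML escaping is still required for the ordinary XSS case.
def render_non_bindable(query)
  <<~HTML
    <div ng-app>
      <p>Search results for: <span ng-non-bindable>#{CGI.escapeHTML(query)}</span></p>
    </div>
  HTML
end

if __FILE__ == $PROGRAM_NAME
  puts "input flagged as interpolation: #{interpolation?(SAMPLE_INPUT)}"
  puts "--- vulnerable ---"
  puts render_vulnerable(SAMPLE_INPUT)
  puts "--- hardened ---"
  puts render_non_bindable(SAMPLE_INPUT)
end
```

Note that in both outputs the escaped string still contains `{{constructor.constructor(`; the difference is solely whether AngularJS is allowed to compile the node that contains it. A stricter fix is to keep user data out of compiled HTML entirely and bind it from scope data, but the `ng-non-bindable` wrapper is the smallest change that removes this sink.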

![img](./screenshots/screenshot.png)

`{{constructor.constructor('alert(1)')()}}` fires `alert()`.

![img2](./screenshots/screenshot2.png)

# How to use
Run `startup.sh`; the Sinatra app listens on port 5000.

```
$ ./startup.sh
```

## Docker
A Dockerfile is also provided.

```
# csti-sample is an arbitrary local image tag; docker run needs an image name
$ docker build -t csti-sample .
$ docker run -p 127.0.0.1:5000:5000 -d csti-sample
```

# Case study
- [#230234 [mercantile.wordpress.org] Reflected XSS via AngularJS Template Injection](https://hackerone.com/reports/230234)
- [#250837 Stored xss via template injection](https://hackerone.com/reports/250837)
- [Reflective XSS via angularJS template injection - Hostinger – Taha Ibrahim DRAIDIA – Random Thoughts Mostly About Ethical Hacking](https://blog.ibrahimdraidia.com/xss-via-angularjs-template-injection_hostinger/)

# Licence
The MIT License