rootđź’€muzec-sec:~#

Hack. Sleep. Repeat

View on GitHub

image

Just a simple Server Side Template Injection (SSTI) .

On the web page i think we have all the hint we can ask for we already know it Proudly powered by Flask/Jinja2 so let try to confirm it.

image

http://138.68.141.81:32732/$ we get 404 not found but our input reflect let try injecting another command.

image

http://138.68.141.81:32732/${ Boom again let find the crash point.

image

Boom a crash point http://138.68.141.81:32732/$ image

image

Boom we are the root user cool let list directory.

image

image

138.68.141.81:32732/ image

We can see the flag.txt let cat it and we are done.

138.68.141.81:32732/ image

Nah not going to show you the flag get it yourself lol.

Greeting From Muzec



Back To Home