Tag: ssti
-
Late | Hack The Box
Out of the blocks we don’t really have a lot to go off, so straight to the web app to see if we can break something. We’re given a subdomain (images.late.htb) from the landing page so we’ll have a look. If we try to bypass the filter by renaming a php.jpg we get the following […]
-
VulnNet: dotpy | TryHackMe
Well, there’s only one place to start… Straight in with a login, we’re allowed to create a user and log in to view the dashboard for StarAdmin. After browsing around and finding the server likes to block certain characters, we find it’s vulnerable to SSTI. We discover there is a filter in place to block […]
-
RedPanda | Hack The Box
First nmap results, not a lot to go at other than to investigate the web app. If we hit search without anything in we get a bit of info about potential usernames. We can also quickly discover the search bar is vulnerable to SSTI: After following the HackTricks cheat sheet and googling the resulting error […]