[web][Pro][hard]
В поисках капибары (In Search of the Capybara) — Hackerlab
hackerlab
Task: Flask web app with login form. Solution: SSTI via Jinja2 with WAF bypass using {%print()%} syntax, hex-escaped __globals__, and lipsum gadget to achieve RCE.
$ ls tags/ techniques/
ssti_jinja2, hex_escape_bypass, lipsum_gadget, attr_filter_chain
$ grep --similar
Similar writeups
- [web][Pro] Состояние 0x7F (State 0x7F) — hackerlab
- [web][Pro] Джарвис (Jarvis) — hackerlab
- [web][Pro] Странный сервер (Strange Server) — hackerlab
- [web][Pro] Simple Web (d5c47306-5d4f-4ad4-958f-5414a0b85b9b) — hackerlab
- [web][Pro] Квантовый прорыв (Quantum Breakthrough) — hackerlab