-
All kinds of great info out there:
- http://www.lanmaster53.com/2016/03/exploring-ssti-flask-jinja2/
- http://www.lanmaster53.com/2016/03/exploring-ssti-flask-jinja2-part-2/
- https://gist.github.com/…
-
```console
(kali㉿kali)-[~/recon/output]
└─$ ../scripts/nuclei.sh XXXX
__ _
____ __ _______/ /__ (_)
/ __ \/ / / / ___/ / _ \/ /
/ / / / /_/ / /__/ / __/ /
/…
-
-
In here,
https://book.hacktricks.xyz/pentesting-web/ssti-server-side-template-injection#jinja2-python
I think, It can add more Command remote execution on jinja2? it's simple and useful.
The …
-
**Describe the bug**
Not sure if i use it in the right way. There is no output result.
**To Reproduce**
* Your command
```
$ echo "http://testphp.vulnweb.com/listproducts.php?cat=1" | scant3r -…
-
Welcome back sports fans, we have another exciting round of Mac errors which make no sense.
This time in the blue corner we have test_pseudodata which can throw the following error on travis:
``…
-
### Template Information: VMware Workspace ONE Access - Freemarker SSTI
### Nuclei Template:
```id: CVE-2022-22954
info:
name: VMware Workspace ONE Access - Freemarker SSTI
…
-
-
We have been unable to run the Specified Dynamics (SD) code with ERA5 data. Chuck Bardeen tracked this down to a problem with how the sea ice fraction is being read in (Kudos to Chuck!). His report is…
-
Hello, is possible add command injection for this project, here the commands:
1) `cat subdomains.txt | httpx -silent -status-code | gauplus -random-agent -t 200 | qsreplace “aaa%20%7C%7C%20id%3B%2…
0xJin updated
2 years ago