Introduction
In this video walkthrough, we covered manual and automatic methods to detect Server Side Template Injection (SSTI). We used the ZTH: Obscure Web Vulns room from TryHackMe.
SSTI or Server Side Template Injection
A template engine allows developers to use static HTML pages with dynamic elements. Take, for instance, a static profile.html page: a template engine would allow a developer to set a username parameter that is always set to the current user's username.
Server Side Template Injection occurs when a user is able to pass in a parameter that controls the template engine running on the server.
This introduces a vulnerability, as it allows a hacker to inject template code into the website. The effects can be devastating, ranging from XSS all the way to RCE.
Note: Different template engines have different injection payloads; however, you can usually test for SSTI using {{2+2}}.
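The difference between user input used as template source and user input bound as data, shown with the {{2+2}} check (an added example, not code from the walkthrough or the room). `render` is a toy stand-in for a real template engine, and all function names here are hypothetical.

```python
import ast
import html
import operator
import re

# Toy stand-in for a template engine (assumption for this example): each
# {{ expr }} is replaced by a context variable or the result of simple arithmetic.
_OPS = {ast.Add: operator.add, ast.Sub: operator.sub,
        ast.Mult: operator.mul, ast.Div: operator.truediv}

def _eval(node, context):
    if isinstance(node, ast.Constant) and isinstance(node.value, (int, float)):
        return node.value
    if isinstance(node, ast.Name):
        return context.get(node.id, "")
    if isinstance(node, ast.BinOp) and type(node.op) in _OPS:
        return _OPS[type(node.op)](_eval(node.left, context),
                                   _eval(node.right, context))
    raise ValueError("unsupported template expression")

def render(template, **context):
    """Evaluate every {{ ... }} in the template text in a single pass."""
    def substitute(match):
        tree = ast.parse(match.group(1).strip(), mode="eval")
        return str(_eval(tree.body, context))
    return re.sub(r"\{\{(.*?)\}\}", substitute, template)

def profile_vulnerable(username):
    # User input becomes part of the template source, so the engine evaluates it.
    return render("<h1>Profile of " + username + "</h1>")

def profile_safe(username):
    # Fixed template; user input is escaped and bound to a variable as data only.
    return render("<h1>Profile of {{ username }}</h1>",
                  username=html.escape(username))

def reflects_evaluation(handler, probe="{{2+2}}", expected="4"):
    """Manual SSTI check: the probe text is gone and its result appears instead."""
    out = handler(probe)
    return probe not in out and expected in out

if __name__ == "__main__":
    print(profile_vulnerable("{{2+2}}"))  # input evaluated by the engine
    print(profile_safe("{{2+2}}"))        # input echoed back as literal text
```

With a real engine the fix is the same: keep the template text constant and pass user-controlled values only as render parameters.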
Answers
What is the flag?
Video Walk-through