Skip to content
/ Template-Twister Public

{{I have made a website that takes an input and displays. But, there is a small issue. For certain inputs some important data is displayed}}

10 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

m-vp/Template-Twister

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

9 Commits
templates
templates
 
 
.gitattributes
.gitattributes
 
 
Dockerfile
Dockerfile
 
 
README.md
README.md
 
 
description.md
description.md
 
 
flag.txt
flag.txt
 
 
index.py
index.py
 
 
requirements.txt
requirements.txt
 
 

Repository files navigation

Template-Twister

Template-Twister is a Flask-based Server-Side Template Injection (SSTI) challenge designed for Capture The Flag (CTF) enthusiasts. The objective is to exploit the SSTI vulnerability to read the flag.txt file and retrieve the flag.

Challenge Description

SSTI (Server-Side Template Injection) occurs when user inputs are insecurely processed by a template engine, leading to arbitrary code execution on the server.

In Template-Twister, your mission is to identify and exploit the SSTI vulnerability to read the content of the flag.txt file located on the server.

Installation and Setup

Follow the steps below to set up and run the challenge locally:

  1. Clone the Repository
    Clone the project from GitHub: 
    git clone https://github.com/m-vp/Template-Twister.git
cd Template-Twister

About

{{I have made a website that takes an input and displays. But, there is a small issue. For certain inputs some important data is displayed}}

Resources

Readme
Activity

Stars

10 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages