Ignore blacklist characters and keywords in SSTI exploit payload
I’m exploiting an SSTI (server-side template insertion) vulnerability in a website written in flask-python.
My problem is that payload for RCE is being limited by blacklist.
I tried everything with a document that I found to be hyper-detai… Continue reading Ignore blacklist characters and keywords in SSTI exploit payload