Tag: jinja2
-
July 27, 2022Python vulnerabilities : Code execution in jinja templates
We will see how to create context-free payloads for jinja2, always allowing direct access to the os module in a jinja2 template without requirements. These payloads will be particularly useful for exploiting SSTI vulnerabilities. -
August 26, 2021Python context free payloads in Mako templates
We will see how to create context-free payloads for Mako, always allowing direct access to the os module in a jinja2 template without requirements. These payloads will be particularly useful for exploiting SSTI vulnerabilities.August 26, 2021 Python context free payloads in Mako templates -
July 27, 2021Python vulnerabilities : Code execution in jinja templates
We will see how to create context-free payloads for jinja2, always allowing direct access to the os module in a jinja2 template without requirements. These payloads will be particularly useful for exploiting SSTI vulnerabilities.
Compact view