Bug Hunter Handbook
SSTI
Last updated 3 years ago
Got RCE in 2 minutes via SSTI,
~ waybackurls http://target.com | qsreplace "daman{{9*9}}" > fuzz.txt
~ ffuf -u FUZZ -w fuzz.txt -replay-proxy http://127.0.0.1:8080/ (captured requests in Burp)
Searched: daman81 in Burp, got 43 results from 1266 requests, noiicee
Template Injection in Action
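
On the receiving side, a run like the one in the tip above shows up in access logs as many requests carrying the same marker plus an arithmetic expression in query parameters. The following Python detection logic is an added example, not part of the original page: it assumes combined-log-format lines (the sample lines are constructed), handles double percent-encoding, and generalizes beyond `{{9*9}}` to other common template delimiters.

```python
import re
from collections import Counter
from operator import add, mul, sub
from urllib.parse import parse_qsl, unquote, urlsplit

# Constructed access-log lines (documentation IP ranges), not real traffic.
SAMPLE_LOG = """\
203.0.113.7 - - [01/Jan/2024:10:00:01 +0000] "GET /search?q=daman%7B%7B9*9%7D%7D HTTP/1.1" 200 512
203.0.113.7 - - [01/Jan/2024:10:00:01 +0000] "GET /profile?name=daman{{9*9}}&tab=1 HTTP/1.1" 200 734
198.51.100.4 - - [01/Jan/2024:10:00:02 +0000] "GET /search?q=shoes HTTP/1.1" 200 2048
203.0.113.7 - - [01/Jan/2024:10:00:02 +0000] "GET /item?id=daman%257B%257B9*9%257D%257D HTTP/1.1" 404 90
198.51.100.9 - - [01/Jan/2024:10:00:03 +0000] "GET /docs?q=%7B%7B+user.name+%7D%7D HTTP/1.1" 200 300
"""

LINE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "[A-Z]+ (\S+) [^"]*" (\d{3})')
# Arithmetic inside common template delimiters: {{ }}, ${ }, #{ }, <%= %>.
PROBE = re.compile(r"(\{\{|\$\{|#\{|<%=)\s*(\d+)\s*([*+-])\s*(\d+)\s*(\}\}|\}|%>)")
OPS = {"*": mul, "+": add, "-": sub}

def fully_unquote(value, max_rounds=3):
    """Undo repeated percent-encoding (%257B -> %7B -> {), bounded to a few rounds."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def find_probes(log_text):
    """Return one record per query parameter carrying an arithmetic template probe."""
    hits = []
    for line in log_text.splitlines():
        m = LINE.match(line)
        if not m:
            continue
        ip, target, status = m.group(1), m.group(2), int(m.group(3))
        url = urlsplit(target)
        for param, raw in parse_qsl(url.query, keep_blank_values=True):
            value = fully_unquote(raw)  # parse_qsl already decoded one layer
            if PROBE.search(value):
                # What an endpoint that evaluates the input would reflect (daman81);
                # search stored responses for it to find the affected endpoints.
                evaluated = PROBE.sub(lambda p: str(OPS[p[3]](int(p[2]), int(p[4]))), value)
                hits.append({"ip": ip, "path": url.path, "param": param,
                             "status": status, "expected_if_evaluated": evaluated})
    return hits

if __name__ == "__main__":
    hits = find_probes(SAMPLE_LOG)
    for h in hits:
        print(h)
    print("probes per source:", Counter(h["ip"] for h in hits).most_common())
```

The `{{ user.name }}` line is deliberately not flagged: only arithmetic inside delimiters is treated as a probe, which keeps ordinary searches for template syntax out of the results.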