This is the write up for the PortSwigger Web Security Academy 5th lab in the series for Server-Side Template Injection (SSTI). This one is definitely a step up in complexity. This goes beyond identifying the location for the injection and…
This is the fourth lab from the PortSwigger Web Security Academy on SSTI or Server Side Template Injection. This lab solves in almost exactly the same way as the previous labs – it’s a matter of finding where the vulnerability…
This is the third blog post covering server-side template injection and the associated PortSwigger Web Security Academy labs. This one, to me, is a lot like the last one. Like – exactly. That’s ok, though, as practice makes permanent. And…
Time for the second blog post as in regards to Server-Side Template Injection. This next lab goes a little deeper than the first. For the first lab, all we had to do was identify where a template may be in…
I love hacking. Recently, YesWeHack released a video on YouTube of Brumens’s talk about advanced SSTI techniques from the 2024 Ekoparty conference. This has inspired me to circle back on this topic, redo the Portswigger labs and document. I know…