-
Notifications
You must be signed in to change notification settings - Fork 0
/
app.py
40 lines (31 loc) · 1.05 KB
/
app.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
"""
Project: Jinja2-ExploitMe
File: app.py
---
Launch w/ Live Reload:
export FLASK_ENV=development; flask run
"""
import os
from flask import Flask, render_template, render_template_string, request
from jinja2.exceptions import TemplateSyntaxError
app = Flask(__name__)
@app.route("/")
def index():
"""
This route is vulnerable to Server Side Template Injection attacks.
Your goal is to exploit it in as many ways as possible.
Once you've found at least two (2) exploits, share your findings with a peer.
Finally, fix this code so that this route is no longer exploitable.
"""
exploit = request.args.get('exploit')
# exploit = 2*'test'
# hello = 'hello'
rendered_template = render_template("app.html", exploit=exploit)
try:
render_template_string(rendered_template)
except TemplateSyntaxError:
rendered_template = render_template("app.html", exploit='Not a valid Jinja2 expression.')
finally:
return render_template_string(rendered_template)
if __name__ == "__main__":
app.run(debug=True)