Echo ( Web exploitation )

Challenge: Echo

Some links for referrence to help me solve this question

• https://book.hacktricks.xyz/pentesting-web/ssti-server-side-template-injection

• https://medium.com/@nyomanpradipta120/ssti-in-flask-jinja2-20b068fdaeee

Finding a way to get out of the “echo” function

• Hint given is : template

• Tried SSTI

• When trying one of the templates, it listed all the files inside of the flask

• Change the command instead of ‘ls’ to ‘cat flag’

LNC2022{s3rv3r_s1d3_t3mplAte_Inj3ct10n_i5_fUn}