This lab uses the Freemarker template engine. It is vulnerable to server-side template injection due to its poorly implemented sandbox. To solve the lab, break out of the sandbox to read the file
my_password.txt from Carlos's home directory. Then submit the contents of the file.
You can access your own account with the following credentials:
Objectclass to find methods that should be available on all objects. Confirm that you can execute