1. Web Security Academy
  2. Server-side template injection
  3. Exploiting
  4. Lab

Lab: Server-side template injection in an unknown language with a documented exploit


This lab is vulnerable to server-side template injection. To solve the lab, identify the template engine and find a documented exploit online that you can use to execute arbitrary code, then delete the morale.txt file from Carlos's home directory.