1. Web Security Academy
  2. Server-side template injection
  3. Exploiting
  4. Lab

Lab: Server-side template injection with a custom exploit

EXPERT

This lab is vulnerable to server-side template injection. To solve the lab, create a custom exploit to delete the file /.ssh/id_rsa from Carlos's home directory.

You can access your own account with the following credentials:

  • username = wiener
  • password = peter

Note: As with many high-severity vulnerabilities, experimenting with server-side template injection can be dangerous. If you are not careful when invoking methods, you could damage your instance of the lab, which could make it unsolvable. In this case, you will need to wait 20 minutes for your lab session to reset.

Try Burp Suite for Free

Find server-side template injection vulnerabilities using Burp Suite

Try for free