ssti

hacktoor1 · hacktoor1 · commit 0dd4083b0fce · 2024-04-28T01:01:35.000+03:00
diff --git a/ssti/app.py b/ssti/app.py
@@ -0,0 +1,13 @@
+from flask import Flask, render_template_string, request
+from jinja2 import Template
+
+app = Flask(__name__)
+
+@app.route('/')
+def index():
+    name = request.args.get('name', 'world')  # Get the 'name' query parameter, defaulting to 'world'
+    template = Template('<h2>Hello {{ name }}!</h2>')
+    return render_template_string(template.render(name=name))
+
+if __name__ == '__main__':
+    app.run(debug=True, host='0.0.0.0')
diff --git a/ssti/templates/exploit.html b/ssti/templates/exploit.html
@@ -0,0 +1,12 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>Exploit Result</title>
+</head>
+<body>
+    <h1>Exploit Result</h1>
+    <p>Your input: {{ payload }}</p>
+</body>
+</html>
diff --git a/ssti/templates/index.html b/ssti/templates/index.html
@@ -0,0 +1,10 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>Hello</title>
+</head>
+<body>
+    <h2>Hello {{ name }}!</h2>
+</body>
