49_V1

EasyWeb Security

Overview

Want the flag ? add a column called "flag" to the table "user" then visit /flag.

Lab Details

Prerequisites & Requirements

Basic understanding of Python and Flask
Knowledge of web application security concepts
Familiarity with template engines, particularly Jinja2
Understanding of SQL and database operations

What will you learn?

How to exploit SSTI to perform database schema modifications

Tools

Burp Suite

Job Positions

Ethical Hacker

Tags

SstiPythonSql InjectionBroken Access ControlInput Validation