Ninja

SCENARIO

SecureCorp just shipped a new internal portal complete with a user activity dashboard and an admin reporting system. The development team is proud of their work and confident in their security posture. Their reasoning? They use Jinja2 for templating, and Jinja2 handles XSS automatically. Nothing to worry about.

You have full access to the source code. Look closely at how the application decides which template to render, and ask yourself whether the team's confidence is actually warranted.

Flag format: flag{}

Infrastructure

- Docker Container — HTTP on port 5000

Provided Files

- Ninja.zip (116.3 KB)