Temple - DOJO #28 (Until 13/11/2023)
How to submit your report
- Visit the DOJO program at https://yeswehack.com/programs/dojo
- Click on submit report
- Login or create your account
- Submit your report
This time we try to keep the challenge more beginner friendly! Let's be creative, bypass some filters and get a remote code execution (RCE), shall we?
~ A real hacker knows how to use Google properly
BRUTE FORCE IS NOT ALLOWED! Please, do not execute unnecessary system commands on the test system.
A valid solution for the challenge must meet these requirements:
Preform a successful Server-Side Template Injection (SSTI) that can execute system commands on the system.
Your report MUST include a proof of concept (POC) showing that your payload can execute a system command. Some good commands to use as a POC are the following:
~ It is always useful to include an image of the result your payload provided