Templated Dificulty: easy Description: Can you exploit this simple mistake? Solution First we visit the site and see that uses jinja2, this template is susceptible to SSTI attacks. We see that the directory searched is rendered in the page with 25, so its vulnerable to SSTI. We use the payload that will allow us to RCE on the server to read the file flag.txt, we extract it from PayloadsAllTheThings. ...
Cloud Resume Challenge Setup AWS Create your aws account Setup MFA for your roor account Create an IAM user Assign permission (Principle of Least privilege) Setup Vault (https://github.com/99designs/aws-vault) aws-vault add myuser ( ex: aws-vault add dev) aws-vault exex myuser — aws s3 ls Setup S3 What is s3: file service useful for storing files usually for host a website What is AWS SAM: server less application model we will create an AWS Lambda (we ignore this for now) ...