Jump to content
Nytro

Tplmap

By Nytro, in Programe hacking

Recommended Posts

Nytro Mentor

Nytro

Posted
Posted

Tplmap

Tplmap (short for Template Mapper) is a tool that automate the process of detecting and exploiting Server-Side Template Injection vulnerabilities (SSTI). This assists SSTI exploitation to compromise the application and achieve remote command execution on the operating system.

The tool can be used by security researches and penetration testers, to detect and exploit vulnerabilities and study the template injection flaws.

Tplmap template capabilities can be extended via plugins. Several sandbox break-out methodologies came from James Kett's research Server-Side Template Injection: RCE For The Modern Web App and other original researches.

As advanced features Tplmap detects and achieves command execution in case of blind injections and is able to inject in code context.

 

Link: https://github.com/epinna/tplmap

 

 

  • Upvote 2

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
Go to topic listing
×
×
  • Create New...