Member-only story
Hack the Box — Bike Challenge
This guide will walk you through the process of exploiting a Server-Side Template Injection (SSTI) vulnerability in Handlebars, a popular Node.js template engine. When user input isn’t properly sanitized, attackers can inject malicious code that gets executed on the server side. In this walkthrough, we will not only cover how to exploit SSTI but also dive into essential concepts like Node.js, template engines, global variables, and escaping a sandboxed environment.
Before we begin exploiting the SSTI vulnerability, we’ll first conduct a scan using Nmap to identify open ports on the target machine. This is a crucial step for gathering information about potential attack vectors.
Task 1
Scanning the Target with Nmap
Nmap is a powerful tool used to discover hosts and services on a network, providing valuable information like open ports and the services running on them. Let’s break down the command we’ll use to scan the target:
nmap -sVC -T4 -Pn -p- --min-rate 5000 10.129.12.177Here’s what each flag does:
- -sVC: This option combines two flags:
