SSTI Bypass Using New Line Injection (1337 UP CTF - Smarty Pants)
Hi mates! This writeup is intended to showcase the following:
SSTI in template Smarty (PHP)
Bypassing regex filters using a new line injection
First of all, let's see how PHP behaves when we invoke a new line inside a function call:
As we can se...
thewhitehatpanther.hashnode.dev1 min read