Server-side Template Injection - Learning section

The Portswigger Web Academy

Before you start

• In the Portswigger Web Academy you'll find the theoretical information and explanation, then you'll find a challenge, make sure to understand the information before you start the challenge.
• The theoretical information is such important as the challenge or practical part.
• Take your notes they are very important.
• Try to do everything by yourself, but remember that we are learning so feel free to see the solution and follow it, you'll learn a lot
• Google is your friend.

Link: Server-side template injection - Portswigger

After the activity

You now know:

• What is server-side template injection.
• The impact of server-side template injection.
• How do server-side template injection vulnerabilities arise.
• How to construct a server-side template injection attack.
• Detect, identify and exploit a server-side template injection attack.
• Look for information in the language documentation.
• Look for known exploits.
• Create a custom attack.

---

PayloadAllTheThings

Here in this site you'll find some useful payloads and a brief explanation of how it works, so make sure to have a look at it.

Also you can use this site and try the payloads in it when you are facing a challenge.

Here is the link: PayloadAllTheThings - Templates Injections

---