- SSTI & XSS: http://localhost/search
- Open redirect: http://localhost/redirect?url=http://127.0.0.1/contact
- SQLi: http://localhost/posts/{ID}
Coded by Khaled Nassar @knassar702
- python2
- flask module
- jinja2 Template
$ apt install python2
$ pip2 install flask
$ pip2 install jinja2
$ git clone https://github.com/knassar702/hacking-lab && cd hacking-lab
$ python2 hackme.py
UserName : admin
Password : p@ssword