ZipSlip w/ TAR & Server-Side Template Injection - HackTheBox University CTF - "Slippy"

Published 2021-12-02
Join HackTheBox and start rooting boxes! j-h.io/hackthebox
Find some tips and tricks on their blog! j-h.io/htb-blog

For more content, subscribe on Twitch! twitch.tv/johnhammond010
If you would like to support me, please like, comment & subscribe, and check me out on Patreon: patreon.com/johnhammond010
PayPal: paypal.me/johnhammond010
E-mail: [email protected]
Discord: johnhammond.org/discord
Twitter: twitter.com/_johnhammond
GitHub: github.com/JohnHammond

If you would like to support the channel and I, check out Kite! Kite is a coding assistant that helps you code faster, on any IDE offer smart completions and documentation. www.kite.com/get-kite/?utm_medium=referral&utm_sou… (disclaimer, affiliate link)

All Comments (21)
  • @Gweedzy
    Hey John, I've been watching hours of your content and I think this is the right moment to leave a comment. I really love your videos, especially the rhythm and the way you say everything that goes through your mind. I'm still kind of half a noob at programming, but listening to you thinking and testing stuff is way more enjoyable and inspiring than boring tutorials. Thank you for sharing your knowledge, I wish you the best from France. -A random dude that learns and devs web and Python apps in his bedroom at his parents'
  • @94flow93
    John, I've been subscribed for years and was really big on your channel about early last year. I fell off because of school and other stuff, but tonight I sat down and watched the whole thing through, which I normally never do with any YouTube video. Now my itch is back and I want to get back into CTFs. Thanks for sticking around and for the constant flow of informative, engaging content.
  • @m4rt_
    I found your channel many months ago through these kinds of videos, and here I am, still watching these videos.
  • Love your vids man, teaching me to be a better programmer and problem solver... thanks for sharing your brain and time.
  • @karlkoch5417
    "Werkzeug" is German for "tool". Watching you is so interesting and helpful, love your videos. Greetings from Germany.
  • @XiSparks
    I'm 100% using "That floated my fancy" in my day to day conversation from now on.
  • @JonathanLeeDev
    Would be interested to see a CTF where you are to attack a Spring Boot Java application. Love the videos BTW!
  • I am your great fan John, I have learnt many things from your vids
  • @creaky2436
    I’m a front end dev but can’t stop watching your videos. Is this a sign?? Haha
  • @_CryptoCat
    No chapters in a 40 min video 😱 This was a great challenge! Nice to see the extra exploration of SSTI. I just replaced one of the Python files with a modified version containing some friendly (totally non-malicious) code 😈
  • @ZeldoKavira
    Sublime allows you to open an entire folder at a time so that it's easier for the viewers to follow along on where you are in the file tree.
  • @greob
    Great video, thanks for sharing!
  • @saite2560
    Love the videos, there is always so much to absorb, I love it. You're probably aware of this one, but when you get a code output that is all jumbled, rather than trying to split the code up (which works, no doubt), it just seems quicker to run it through an online code beautifier. Some code editors might have an auto beautifier. They have them for most code languages. They don't alter the code, just make it human readable, putting the tabs in the right spot for Python or other code types. They also add color for more complicated code, which is a nice touch.
  • @maurox1614
    That's why I always run the webserver as a low-privileged user and set all permissions on files as read-only (for the web server user). Anyway, as always, thank you for sharing the knowledge!
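The other layer that belongs next to the read-only file permissions above is refusing the traversal at the extraction step itself, since the "Slippy" challenge in the title is a ZipSlip via a TAR archive. The snippet below is an added example, not code from the video or from the HackTheBox challenge: it builds a small constructed tarball in memory (one legitimate file, one `../` entry, one symlink pointing outside) and extracts only the members whose final path stays under the destination directory. The `safe_extract`, `build_sample_tar` and `demo` names are mine. On Python 3.12+ the standard library's `tarfile` `filter="data"` argument enforces the same rules natively; the manual check is shown so the logic is visible.

```python
import io
import os
import tarfile
import tempfile


def _is_within(base: str, target: str) -> bool:
    """True when target, after resolving symlinks and '..', lies under base."""
    base = os.path.realpath(base)
    target = os.path.realpath(target)
    return os.path.commonpath([base, target]) == base


def safe_extract(tar: tarfile.TarFile, dest: str) -> tuple[list[str], list[str]]:
    """Extract members of an already-opened TarFile into dest, skipping any
    member whose path (or link target) would land outside dest.
    Returns (extracted_names, rejected_names) so callers can log rejections."""
    extracted, rejected = [], []
    for member in tar.getmembers():
        target = os.path.join(dest, member.name)
        # Absolute names and '../' escapes are the classic ZipSlip payloads.
        if os.path.isabs(member.name) or not _is_within(dest, target):
            rejected.append(member.name)
            continue
        if member.issym() or member.islnk():
            # A link whose target is outside dest would let a later member in
            # the same archive write through it, so it is rejected as well.
            link_target = os.path.join(os.path.dirname(target), member.linkname)
            if os.path.isabs(member.linkname) or not _is_within(dest, link_target):
                rejected.append(member.name)
                continue
        tar.extract(member, dest)
        extracted.append(member.name)
    return extracted, rejected


def build_sample_tar() -> bytes:
    """Constructed sample archive: one good file, one traversal entry, one
    symlink to an absolute path. Not taken from the challenge."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tar:
        for name, data in [("app/readme.txt", b"hello"),
                           ("../outside.txt", b"should never be written")]:
            info = tarfile.TarInfo(name=name)
            info.size = len(data)
            tar.addfile(info, io.BytesIO(data))
        link = tarfile.TarInfo(name="app/link")
        link.type = tarfile.SYMTYPE
        link.linkname = "/tmp"  # constructed target, outside dest
        tar.addfile(link)
    return buf.getvalue()


def demo() -> dict:
    """Extract the sample archive into a fresh temp dir and report what
    happened, including whether the traversal entry escaped."""
    root = tempfile.mkdtemp(prefix="safe_extract_")
    dest = os.path.join(root, "extract")
    os.makedirs(dest, exist_ok=True)
    with tarfile.open(fileobj=io.BytesIO(build_sample_tar()), mode="r") as tar:
        extracted, rejected = safe_extract(tar, dest)
    with open(os.path.join(dest, "app", "readme.txt"), "rb") as fh:
        readme = fh.read()
    return {
        "extracted": extracted,
        "rejected": rejected,
        "readme": readme,
        "outside_written": os.path.exists(os.path.join(root, "outside.txt")),
    }


if __name__ == "__main__":
    print(demo())
```

Running it extracts `app/readme.txt`, rejects `../outside.txt` and `app/link`, and leaves nothing outside the destination; combined with a non-root service account and read-only application files, a traversal entry in an uploaded archive has nowhere useful to land.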
  • Since it was running as root, you could have just injected a Python script to give you a reverse TCP connection, and it should be a reverse shell running as root, correct?