Hacking Websites: Server-Side Template Injection | picoCTF

Learn web app pentesting with picoCTF's SSTI challenge. Free, browser-based, 3 hours, no setup—hacking for beginners! 💻

Hacking Websites: Server-Side Template Injection | picoCTF
HackHunt
3.6K views • Sep 5, 2025
Hacking Websites: Server-Side Template Injection | picoCTF

About this video

💻 Learn Web App Pentesting for free, right in your browser 👉 https://www.hackstation.io/

⏱️ Only 3 hours
🛠️ No VMs, no setup
🔓 Learn by hacking, not watching
🆓 Completely free

-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

This video covers a complete writeup of the PicoCTF 2025 SSTI1 challenge from the Web Exploitation category. I explain how the vulnerability works, demonstrate the use of template expressions like {{7*7}} to confirm Jinja2, and walk through exploiting Server Side Template Injection to read files and capture the flag. This step-by-step guide is useful for CTF players, beginners in web security, and anyone learning exploitation techniques.

Disclaimer: This video is for educational purposes only.

Tags and Topics

Browse our collection to discover more content in these categories.

#picoctf 2025 #picoctf ssti1 #picoctf writeup #picoctf web exploitation #ssti vulnerability

Video Information

Views

3.6K

Likes

123

Duration

2:50

Published

Sep 5, 2025

User Reviews

4.6
(3)
Rate:

Related Trending Topics

LIVE TRENDS

Related trending topics. Click any trend to explore more videos.

No specific trending topics match this video yet.

Explore All Trends