Burp Suite User Forum


Identify the template engine in the "Server-side template injection using documentation"-Lab

Janosch | Last updated: May 23, 2021 02:20PM UTC

The solutions suggest provoking a syntax/undefined variable error, because the error message gives a hint to the used template engine. When I do that I get an HTTP 500 with the message "Internal server error", no additional headers or anything else. I appreciate any hints, thanks!

Ben, PortSwigger Agent | Last updated: May 24, 2021 10:04AM UTC

Hi, Can you clarify exactly what steps you have used to attempt to generate the error message that should provide you with details of the template being used?

Janosch | Last updated: May 24, 2021 01:53PM UTC

Hi, thanks for your reply. Here's what I did and observed:

1. Log in and go to the Template Editing for a product (/product/template?productId=X)
2. Add something like ${lol} to the text
3. Click 'Save'
4. Redirect to product page (/product?productId=X) that shows the aforementioned Internal Server Error message
5. Same message for revisiting the template view for that product

The same message also appears when using the preview function, with the only difference that there is no redirect. This is what I did initially and, upon reading the solution, understand to be what you should be doing to solve it anyway.

Hannah, PortSwigger Agent | Last updated: May 25, 2021 03:25PM UTC

Hi, we've replicated your issue, and we're investigating further. We'll let you know when we have some further feedback.

Ben, PortSwigger Agent | Last updated: May 26, 2021 12:48PM UTC

Hi, Just to confirm that we believe that this is a bug in this particular lab and we have raised a bug report for our developers to investigate. They are currently looking into this issue and we will update this thread when a fix has been implemented.

Janosch | Last updated: May 26, 2021 12:59PM UTC

Thanks for looking into this. If it turns out to be indeed a bug, it might be possible that the Lab "Server-side template injection in a sandboxed environment" has the same problem. Though, there the engine is named in the description. I'm not positive how the error messages look, but they might help to differentiate between making a syntax error and a "something is undefined/not allowed" error and thus are welcome there too.

Ben, PortSwigger Agent | Last updated: May 27, 2021 09:12AM UTC

Hi, We will take a look at the other lab that you have mentioned and get back to you.

Ben, PortSwigger Agent | Last updated: May 28, 2021 10:27AM UTC

Hi, It looks like the Server-side template injection in a sandboxed environment lab is functioning as expected and can be solved using the solution provided. Are you experiencing a specific issue with this particular lab?

Janosch | Last updated: Jun 06, 2021 10:54AM UTC

Hi Ben, I apologize for the late reply. Regarding the sandboxed environment lab: It had the same error message behaviour, and was thus a lot less verbose on the error message than all the other server-side template injection labs. You can string the solution together by following the official docs, but might get hung up on something like typos or other syntax errors for a while. Since it's an expert level lab, that might actually be a desired additional barrier, but maybe it isn't. That's why I mentioned it. Have a nice week.
