COMMSEC LAB: Template Injection On Hardened Targets


August 25, 2022




CommSec Track

During his Black Hat 2015 presentation, James Kettle explained how template injections could lead to code execution. At the end of the talk, he recommended running applications in containers with limited privileges and a read-only file system.

Six years later, containers are the standard for web-app deployment, and getting code execution inside a well-isolated container can be seen as low impact. In this workshop we will explore new template injection techniques specially crafted for hardened environments.

We will focus on two environments:

• Python with Flask / Jinja2
• JavaScript with Express / Vue

We will build our own tooling in Python to solve a series of challenges with increasing difficulty.

Required for the workshop:

• Experience in Python/JavaScript
• Basic Docker skills


Tech Ambassador


BitK is a French Security Researcher, Bug Hunter, Member of the French CTF team The Flat Network Society and Tech Ambassador at YesWeHack. He is the author of YesWeBurp (a must-have bug bounty plugin) and multiple hacking tools like pwnfox, pwnmachine, and more.

He has been doing CTF and bug bounty for over ten years with a specialty in web exploitation. Some of his CTF achievements are:

• 1st place CsCamp CTF 2012 (Egypt)
• 1st place Atast CTF 2013 (Tunisia)
• 1st place Hacknoledge 2013 (France)
• 2nd place Steria Hacking Contest 2013 (France)
• 1st place Steria Hacking Contest 2014 (France)
• 1st place International Forum on Cybersecurity 2014, 2016, 2017 (France)
• 2nd place Defcon open CTF 2014 (USA)
• 1st place StHack 2018 (France)
• 4-time finalist at the Nuit du Hack 2013, 2014, 2016, 2017 (France)
• Finalist Real World CTF 2018 (China)
• 1st place 50M CTF 2019 (USA)

