Rating:

# baby bonechewercon
We are given an archive with a docker image for the challenge. It is a Twig application that is vulnerable to Server-Side Template Injection. It allows us to execute any code on the server and get the flag.

![](https://raw.githubusercontent.com/kukuxumushi/HTBxUNI-CTF-final-writeups/master/pictures/2021-03-26-22-12-48.png)

After submitting `{{['cat /flag']|filter('system')}} ` as the name we get the flag.

![](https://raw.githubusercontent.com/kukuxumushi/HTBxUNI-CTF-final-writeups/master/pictures/2021-03-26-22-12-55.png)

Original writeup (https://github.com/kukuxumushi/HTBxUNI-CTF-final-writeups/blob/master/baby_bonechewercon.md).