Information
Room#
- Name: Introduction to Flask
- Profile: tryhackme.com
- Difficulty: Easy
- Description: How it works and how can I exploit it?
Write-up
Installation and Deployment basics#
Which environment variable do you need to change in order to run Flask?
Answer: FLASK_APP
Clone the example repository:
1 | $ git clone https://github.com/Swafox/Flask-examples |
Create a virtual environment:
1 | $ cd Flask-examples |
Install flask:
1 | $ pip3 install Flask |
Choose the app to run and run it:
1 | $ export FLASK_APP=helloworld.py |
Basic syntax and routing#
What's the default deployment port used by Flask?
Answer: 5000
Check in your terminal.
Is it possible to change that port? (yay/nay)
Answer: yay
1 | $ flask run --help | grep port |
HTTP Methods and Template Rendering#
Does Flask support POST requests? (yay/nay)
Answer: yay
httpmethods.py
1 | from flask import request |
What markup language can you use to make templates for Flask?
Answer: html
templaterendering.py
1 | from flask import render_template |
Flask Injection#
What's inside /home/flask/flag.txt ?
Answer:
THM{flask_1njected}
Use a LFI in the SSTI: http://10.10.17.26:5000/vuln?name={{%20get_user_file(%22/home/flask/flag.txt%22)%20}}