author | heqnx <root@heqnx.com> | 2025-08-03 00:56:32 +0300 |
---|---|---|
committer | heqnx <root@heqnx.com> | 2025-08-03 00:56:32 +0300 |
commit | 45484ba79b624a2e81f23678d9eb13d72ab5aa03 (patch) | |
tree | 5d571f3615f7a5e3811c013ce1843bbbc9a960a8 /templates | |
parent | 11dcf0fbbc9bd18e4f2afd558102fa7d8ba66ff0 (diff) | |
initial commit
Diffstat (limited to 'templates')
-rw-r--r-- | templates/index.html | 42 |
1 files changed, 42 insertions, 0 deletions
diff --git a/templates/index.html b/templates/index.html
new file mode 100644
index 0000000..da4e523
--- /dev/null
+++ b/templates/index.html
@@ -0,0 +1,42 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+ <meta charset="UTF-8">
+ <meta name="viewport" content="width=device-width, initial-scale=1.0">
+ <title>SSTI Payload Tester</title>
+ <script src="https://cdn.tailwindcss.com"></script>
+</head>
+<body class="bg-gray-100 font-sans">
+ <div class="container mx-auto p-6 max-w-4xl">
+ <h1 class="text-3xl font-bold text-gray-800 mb-6 text-center">SSTI Payload Tester</h1>
+ <div class="bg-white shadow-lg rounded-lg p-6">
+ <div class="mb-4">
+ <label for="payload" class="block text-sm font-medium text-gray-700">SSTI Payload</label>
+ <textarea id="payload" rows="4" class="mt-1 block w-full border-gray-300 rounded-md shadow-sm focus:ring-indigo-500 focus:border-indigo-500 sm:text-sm" placeholder="{{ 7 * 7 }}"></textarea>
+ </div>
+ <button onclick="executePayload()" class="w-full bg-indigo-600 text-white py-2 px-4 rounded-md hover:bg-indigo-700 focus:outline-none focus:ring-2 focus:ring-indigo-500">Execute</button>
+ <div id="results" class="mt-6 hidden">
+ <h2 class="text-lg font-semibold text-gray-800 mb-2">Results</h2>
+ <div class="mb-4">
+ <h3 class="text-sm font-medium text-gray-700">Output</h3>
+ <pre id="output" class="bg-gray-50 p-4 rounded-md text-sm text-gray-800 whitespace-pre-wrap break-words"></pre>
+ </div>
+ </div>
+ </div>
+ </div>
+ <script>
+ async function executePayload() {
+ const payload = document.getElementById('payload').value;
+ const response = await fetch('/execute', {
+ method: 'POST',
+ headers: { 'Content-Type': 'application/json' },
+ body: JSON.stringify({ payload })
+ });
+ const data = await response.json();
+ const resultsDiv = document.getElementById('results');
+ resultsDiv.classList.remove('hidden');
+ document.getElementById('output').textContent = data.output || data.error || 'No output';
+ }
+ </script>
+</body>
+</html> |
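Review bot: The `<script src="https://cdn.tailwindcss.com"></script>` line in `<head>` loads an unpinned third-party script into the same origin as the inline `executePayload()` code that POSTs to `/execute`, so whatever that CDN serves can drive the template-evaluation endpoint as well. The styling can be served locally instead, e.g. `<link rel="stylesheet" href="LOCAL_BUILT_CSS_PATH">` (placeholder path) pointing at a stylesheet built at release time, which also lets the page run in an offline lab. Separately, `executePayload()` neither checks `response.ok` nor guards `response.json()`, so a request that comes back as a non-JSON error page rejects the promise and the results panel stays hidden; `const data = await response.json().catch(() => ({ error: 'HTTP ' + response.status }));` would surface it. The `/execute` handler is outside this diff, so whether it is limited to a loopback listener cannot be confirmed from here.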