from flask import Flask, request, jsonify, render_template
from jinja2 import Environment, TemplateError
import argparse
import importlib

app = Flask(__name__)

parser = argparse.ArgumentParser(description='SSTI Payload Tester')
parser.add_argument('--module', type=str, default='',
                    help='Comma-separated list of modules to import (e.g., os,lipsum)')
args = parser.parse_args()

modules = {}
if args.module:
    for module_name in args.module.split(','):
        try:
            modules[module_name] = importlib.import_module(module_name.strip())
        except ImportError as e:
            print(f"Warning: Failed to import module '{module_name}': {e}")

@app.route('/')
def index():
    return render_template('index.html')

@app.route('/execute', methods=['POST'])
def execute_payload():
    payload = request.json.get('payload', '')
    if not payload:
        return jsonify({'error': 'No payload provided'}), 400

    result = {'output': '', 'error': None}

    try:
        env = Environment()
        env.globals.update(modules)
        template = env.from_string(payload)
        result['output'] = template.render()
    except TemplateError as e:
        result['error'] = str(e)
        result['output'] = str(e)
    except Exception as e:
        result['error'] = f"Unexpected error: {str(e)}"
        result['output'] = str(e)

    return jsonify(result)

if __name__ == '__main__':
    app.run(debug=False, host='0.0.0.0', port=5000)