Add SSTI and Header Injection vulnerability skills #191

Merged: 0xallam merged 1 commit into usestrix:main from MoDarK-MK:main on May 4, 2026

Conversation

MoDarK-MK (Contributor) commented Dec 12, 2025

Adds two new vulnerability skill files under strix/skills/vulnerabilities/:

  • ssti.md — Server-side template injection across Jinja / Mako / Velocity / Freemarker / Thymeleaf (SpEL) / Twig / Smarty / Blade / ERB / Haml / Handlebars / Nunjucks / EJS. Engine fingerprinting, per-language gadget chains, sandbox escape patterns, RCE primitives, post-exploitation.
  • header_injection.md — HTTP header injection covering CRLF / response splitting / request smuggling, cache poisoning, Host-header confusion, cookie tossing, X-Forwarded-* / X-Original-URL spoofing, Content-Type / encoding tricks, header-driven XSS and open redirects, HTTP/2 frame confusion.

Both files follow the established skill template (frontmatter + Attack Surface / High-Value Targets / Reconnaissance / Key Vulnerabilities / Bypass Techniques / Testing Methodology / Validation / False Positives / Impact / Pro Tips / Summary), matching the format used by sql_injection.md, csrf.md, ssrf.md, xss.md, and the rest of the existing vulnerability skills.

Test plan

  • Skim both files end-to-end for prose feel vs peer skills
  • Spot-check a couple of payloads (${T(java.lang.Runtime).getRuntime().exec('id')} for SpEL, {{cycler.__init__.__globals__.os.popen('id').read()}} for Jinja)
  • Confirm strix/skills/__init__.py auto-discovers the new files (no registration needed for skills, per existing convention)
MoDarK-MK changed the title Add SSTI vulnerability guide Dec 12, 2025
MoDarK-MK changed the title Add SSTI vulnerability → Add SSTI and Header Injection vulnerability Dec 12, 2025
Copilot AI review requested due to automatic review settings May 4, 2026 00:06
0xallam (Member) commented May 4, 2026
greptile-apps Bot (Contributor) commented May 4, 2026

Greptile Summary

Adds two new vulnerability skill files (ssti.md and header_injection.md) following the established frontmatter + section template used by peer skills. Both files are broadly accurate and well-structured; earlier review rounds addressed the most significant payload errors (Velocity $Runtime, SpEL Process.toString, Jinja __import__ scope, and MRO index). Two minor issues remain: the standalone {{('__cl'+'ass__')}} snippet in ssti.md's filter-evasion section produces a string rather than an attribute bypass, and X-Accel-Redirect in header_injection.md's "Open Redirect" section is an Nginx internal file-serving directive (LFI impact) rather than an external redirect primitive.

Confidence Score: 5/5

Safe to merge — remaining findings are documentation-level P2s that do not affect runtime behaviour

All findings are P2; no P0/P1 issues remain after previous review rounds corrected the payload accuracy problems

Both files warrant a quick re-read of the two flagged snippets before merging, but neither requires blocking changes

Important Files Changed

| Filename | Overview |
| --- | --- |
| strix/skills/vulnerabilities/ssti.md | Comprehensive SSTI skill covering engine fingerprinting, gadget chains, and sandbox escapes; previous review rounds addressed the most critical payload inaccuracies; one remaining minor issue with a misleading standalone string-concatenation bypass example in the filter-evasion section |
| strix/skills/vulnerabilities/header_injection.md | Well-structured header injection skill; one categorisation issue: X-Accel-Redirect is listed under Open Redirect via Headers but its actual impact is internal file read / LFI, not an external redirect |
Prompt To Fix All With AI
Fix the following 2 code review issues. Work through them one at a time, proposing concise fixes.

---

### Issue 1 of 2
strix/skills/vulnerabilities/ssti.md:409-410
**`{{('__cl'+'ass__')}}` renders a string, not an attribute access**

The first example in this bullet concatenates two literals into the string `__class__` and renders it verbatim — it performs no attribute lookup and achieves no bypass on its own. A tester who copies it in isolation will get the output `__class__` rather than the class object, which could lead them to conclude string concatenation is an ineffective evasion. The only functional bypass here is the `|attr(...)` form shown immediately after; the bare concatenation snippet should be folded into that form or removed to avoid the confusion.

### Issue 2 of 2
strix/skills/vulnerabilities/header_injection.md:138
**`X-Accel-Redirect` is an LFI/file-read primitive, not an open-redirect**

`X-Accel-Redirect` is an Nginx internal-redirect header: when the upstream application sets it, Nginx serves the *local file path* specified in the value, bypassing normal request routing. Its impact is unauthorized file read / SSRF-to-internal-file, not an open redirect to an external URL. Listing it under "Open Redirect via Headers" misrepresents both the attack class and the impact, and could cause a tester to apply the wrong validation criteria (they'd look for an external redirect instead of an internal file being served). It fits better under a server-side file access or SSRF-adjacent section, or at minimum the parenthetical should note that the impact is internal file serving rather than redirect.

Reviews (5): Last reviewed commit: "add header-injection and ssti vulnerabil..."
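The X-Accel-Redirect point in Issue 2 above is easiest to see from the application side. The following Python is an added example, not part of this PR or of the Strix skill files; the catalog contents, the `/protected/` location and the nginx fragment in the comment are assumptions. It contrasts the anti-pattern (header value assembled from a request parameter, so the client picks the internal path nginx serves) with a lookup-by-id handler that never lets client input reach that path, plus a small helper for reviewing observed header values.

```python
import posixpath
import re
from typing import Dict, Optional

# Hypothetical nginx side (an assumption for this example):
#   location /protected/ { internal; alias /srv/files/; }
# 'internal' blocks direct client requests to /protected/...; only an
# X-Accel-Redirect emitted by the upstream application can route there.
INTERNAL_PREFIX = "/protected/"

# Constructed sample catalog: opaque ids the application hands out, mapped to
# relative paths under the internal location. The last entry is deliberately
# malformed to show that validation applies to the catalog too.
FILE_CATALOG: Dict[str, str] = {
    "inv-2024-0001": "invoices/2024/0001.pdf",
    "report-q3": "reports/q3.pdf",
    "broken-entry": "../secrets/keys.txt",
}

# Allowed relative path: plain segments, a simple extension, no '..', no leading '/'.
SAFE_RELPATH = re.compile(r"^(?:[A-Za-z0-9_-]+/)*[A-Za-z0-9_-]+\.[A-Za-z0-9]{1,8}$")


def vulnerable_accel_headers(requested: str) -> Dict[str, str]:
    """Anti-pattern: the header value is assembled from a raw request parameter,
    so the client chooses which internal path nginx will serve."""
    return {"X-Accel-Redirect": INTERNAL_PREFIX + requested}


def accel_headers(file_id: str) -> Optional[Dict[str, str]]:
    """Safe pattern: resolve an opaque id through the catalog, validate the
    stored path, normalise it, and refuse anything that leaves INTERNAL_PREFIX."""
    rel = FILE_CATALOG.get(file_id)
    if rel is None or not SAFE_RELPATH.match(rel):
        return None
    target = posixpath.normpath(INTERNAL_PREFIX + rel)
    if not target.startswith(INTERNAL_PREFIX):
        return None
    return {
        "X-Accel-Redirect": target,
        # Filename is derived from the validated catalog path, never from the client.
        "Content-Disposition": 'attachment; filename="%s"' % posixpath.basename(rel),
    }


def escapes_internal_location(header_value: str) -> bool:
    """Log-review helper: True when an observed X-Accel-Redirect value would,
    after path normalisation, point outside the internal location."""
    return not posixpath.normpath(header_value).startswith(INTERNAL_PREFIX)


if __name__ == "__main__":
    print(accel_headers("inv-2024-0001"))
    print(accel_headers("broken-entry"))
    print(vulnerable_accel_headers("../../etc/passwd"))
```

The validation criterion Greptile asks for follows from the safe handler: a finding against X-Accel-Redirect is confirmed when the served body is the content of an internal file the client could not request directly, not when the browser is redirected anywhere.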

Copilot AI left a comment

Pull request overview

This PR adds two new vulnerability skill documents under strix/skills/vulnerabilities, expanding the repository’s offensive-security guidance with playbooks for SSTI and HTTP header injection. It fits the existing skills library pattern by providing reconnaissance, validation, false-positive handling, and impact guidance for additional vulnerability classes.

Changes:

  • Add a new SSTI skill covering engine fingerprinting, bypass techniques, and language-specific RCE primitives.
  • Add a new HTTP header injection skill covering CRLF injection, cache poisoning, Host-header abuse, and proxy/header trust issues.
  • Extend the vulnerability catalog with two new markdown-based reference guides that follow the existing skill-file structure.

Reviewed changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated 8 comments.

| File | Description |
| --- | --- |
| strix/skills/vulnerabilities/ssti.md | Adds a new SSTI reference guide with engine-specific probes, exploitation paths, and validation steps. |
| strix/skills/vulnerabilities/header_injection.md | Adds a new header-injection reference guide covering response splitting, cache poisoning, forwarding-header abuse, and smuggling-related checks. |

0xallam changed the title Add SSTI & Header Injection vulnerability May 4, 2026

Two new skills under strix/skills/vulnerabilities/ filling real gaps
in coverage:

- header_injection.md — CRLF / response splitting / smuggling, cache
  poisoning, Host-header confusion, cookie tossing, X-Forwarded-*
  spoofing, Content-Type / encoding tricks, header-driven XSS and
  open redirects, HTTP/2 frame confusion.
- ssti.md — engine fingerprinting (Jinja / Twig / Velocity / Freemarker
  / SpEL / ERB / EJS / Pug / doT), per-language gadget chains, sandbox
  escape patterns, RCE primitives, post-exploitation.

Re-authored from the original .jinja contributions (deprecated format)
to match the current skill template (frontmatter + Attack Surface /
HVT / Reconnaissance / Key Vulnerabilities / Bypass / Methodology /
Validation / False Positives / Impact / Pro Tips / Summary). Several
inaccurate payloads from the original (Smarty {system()}, Thymeleaf
*{...} in the universal probe table, "Cyrillic" overlong UTF-8 framing,
Set-Cookie XSS framing) corrected during the port.
0xallam merged commit 8574119 into usestrix:main May 4, 2026
1 check passed

Labels

None yet

3 participants