Mirage Track
Level 21 → Level 22
Template Injection
900 pts+125 first-blood bonus
Objective
Sendly. Your input is rendered as a template, server-side. Escape the data, reach the engine (SSTI → RCE).
How to play
Open the target in your browser, find the flaw, and exploit it. On success the page reveals the login for the next level — that password is this level's flag. Submit it on the track page (or /submit) to bank the points.
Target
Log in asl21 with the password you captured on the previous level, then:https://mirage-l21.breachlab.org🩸
ACTIVE RECORDFirst Blood captured by