Using nmap I found 2 open ports, 22 and http.

Using wappalyzer i found who the page is using the Express framework.

When I execute the clasic SSTI payload, I got an error.
After a fast research, I found a RCE payload for this template engine.
I need to edit the payload to import manualy the module.
With this, I can execute code, but I can't see the response.
So, I execute a reverse shell and read the flag.
