Code Execution 06
This exercise is one of our challenges on Code Execution
In this exercise, we investigate a Python application to understand how command injection vulnerabilities can be exploited. Initially, we determine that injecting a double-quote results in an error, and we find a way to properly close the double-quote using encoded characters. By verifying the presence of Python-specific functions like str()
and True
, we confirm the application's backend language.
The exercise progresses to achieving code execution by injecting commands such as os.system('id')
and os.popen('id').read()
. We observe how successful and unsuccessful command executions are reflected in the application's responses. Finally, we replace the command with /usr/local/bin/score UUID
to complete the challenge and score the exercise.