Code Execution 06
This exercise is one of our challenges on Code Execution
In this exercise, we investigate a Python application to understand how command injection vulnerabilities can be exploited. Initially, we determine that injecting a double-quote results in an error, and we find a way to properly close the double-quote using encoded characters. By verifying the presence of Python-specific functions like str() and True, we confirm the application's backend language.
The exercise progresses to achieving code execution by injecting commands such as os.system('id') and os.popen('id').read(). We observe how successful and unsuccessful command executions are reflected in the application's responses. Finally, we replace the command with /usr/local/bin/score UUID to complete the challenge and score the exercise.