Code Execution 06
This exercise is one of our challenges on Code Execution
Course
In this exercise, we investigate a Python application to understand how command injection vulnerabilities can be exploited. Initially, we determine that injecting a double-quote results in an error, and we find a way to properly close the double-quote using encoded characters. By verifying the presence of Python-specific functions like `str()` and `True`, we confirm the application's backend language.
The exercise progresses to achieving code execution by injecting commands such as `os.system('id')` and `os.popen('id').read()`. We observe how successful and unsuccessful command executions are reflected in the application's responses. Finally, we replace the command with `/usr/local/bin/score UUID` to complete the challenge and score the exercise.