Code Execution 08
This exercise is one of our challenges on Code Execution
Course
In this challenge, similar to the previous one, we aim to execute a command on the server. However, the current setup prevents the use of slashes (/) in the path, a restriction that's enforced by the Flask route configuration. To work around this, we need to encode our command in base64, allowing us to send it without slashes. Once the server receives the encoded payload, it will decode it using the `b64decode` function from the base64 module, which we load via the `__import__` trick. This method ensures that our command can be executed despite the path restrictions.
The source code review reveals that the route `/hello/