Python3

Command injection in Python -CWE-78

drag_indicator
info
drag_indicator
inputs
drag_indicator
inspect

Command injection in Python - CWE-78

Goal

Escape the system command nslookup in the function os.popen(...) and inject your own system command and open the file in the current folder named flag.txt!

Hints

Solution

drag_indicator
waf
INPUT
OUTPUT
drag_indicator
code
drag_indicator
result