Python3

Command injection in Python -CWE-78

by Brumens

drag_indicator

info

drag_indicator

inputs

drag_indicator

inspect

Command injection in Python - CWE-78

Goal

Escape the system command nslookup in the function os.popen(...) and inject your own system command and open the file in the current folder named flag.txt!

Hints

Solution

drag_indicator

waf

INPUT

OUTPUT

drag_indicator

code

drag_indicator

result