mirror of
https://github.com/elicpeter/nyx.git
synced 2026-06-09 19:45:13 +02:00
18 lines
498 B
Python
18 lines
498 B
Python
"""Phase 12 (Track L.10) — Flask CMDI vuln fixture.
|
|
|
|
The `/run` route forwards a `cmd` query parameter straight into
|
|
`os.system`, so any attacker who reaches the route can execute
|
|
arbitrary shell. Adapter binding: `@app.route("/run", methods=["GET"])`
|
|
with `cmd` flowing through `request.args.get`.
|
|
"""
|
|
import os
|
|
from flask import Flask, request
|
|
|
|
app = Flask(__name__)
|
|
|
|
|
|
@app.route("/run", methods=["GET"])
|
|
def run_cmd():
|
|
cmd = request.args.get("cmd", "")
|
|
os.system(cmd)
|
|
return "ok"
|