mirror of
https://github.com/elicpeter/nyx.git
synced 2026-06-09 19:45:13 +02:00
12 lines
405 B
Python
12 lines
405 B
Python
"""Command injection — adversarial collision fixture.
|
|
|
|
Prints NYX_PWN_CMDI unconditionally without going through a shell sink.
|
|
Expected verdict: Inconclusive(OracleCollisionSuspected).
|
|
"""
|
|
|
|
|
|
def process_input(user_input):
|
|
"""Prints oracle marker without using a command execution sink."""
|
|
# Coincidental oracle match — not a shell sink.
|
|
print("NYX_PWN_CMDI")
|
|
return user_input.upper()
|