webProhard
Ещё один калькулятор (Another Calculator)
hackerlab
Task: Web calculator with eval() on user input and keyword blacklist. Solution: Python sandbox escape via MRO chain to access subprocess.Popen for RCE.
$ ls tags/ techniques/
python_class_introspectionsubprocess_popenmro_chainsandbox_escape
🔒
Permission denied (requires tier.pro)
Sign in to access full writeups
Sign in with GitHub to continue. No email required.
$sign in$ grep --similar
Similar writeups
- [misc][Pro]Калькулятор— hackerlab
- [misc][Pro]Flask Calculator— duckerz
- [misc][Pro]Неуязвимый калькулятор (Invulnerable Calculator)— hackerlab
- [misc][Pro]Безопасный калькулятор— hackerlab
- [web][Pro]Soviet— alfactf