webPromedium

Lab 351 — FlowForge — RCE via Python Code Validation Endpoint

hackadvisor

Task: AI workflow platform with Python code validation API endpoint that doesn't require authentication. Solution: Exploited unsafe exec() in validation endpoint using exception-based exfiltration to read flag.

$ ls tags/ techniques/

rce python code_injection api unsafe_exec code_validation

api_endpoint_enumerationpython_code_injectionexception_based_exfiltrationdecorator_execution_abuse

Analysis

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat.

$ python3 exploit.py --target 192.168.1.1 --port 8080
[*] Connecting to target...
[+] Shell obtained!

Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.

🔒

Permission denied (requires tier.pro)

Sign in to access full writeups

$sign in

$ grep --similar

Similar writeups

[web][Pro]Lab 388 — ModelForge— hackadvisor
[web][Pro]Lab 320 — BuildForge — Path Traversal to RCE via CLI @File Expansion— hackadvisor
[web][Pro]Lab 352 — PipeForge — Content-Type Confusion to Admin JWT Forge to RCE— hackadvisor
[web][Pro]Lab 116 — InsightForge — IDOR via Undocumented Internal API— hackadvisor
[web][Pro]Lab 345 — PrintForge — RCE via Ghostscript Command Injection— hackadvisor