Open m0rp30 opened 2 months ago
There are some security problems, if I add some code to the levels file it is executed without checking.
e.g., in the levels/intro/risky file if I add, under [setup], code like this touch /home/$(whoami)/payload.txt the code is executed unchecked.
touch /home/$(whoami)/payload.txt
I suggest taking a different approach to run the command
There are some security problems, if I add some code to the levels file it is executed without checking.
e.g., in the levels/intro/risky file if I add, under [setup], code like this
touch /home/$(whoami)/payload.txt
the code is executed unchecked.I suggest taking a different approach to run the command