What's your Input

whats_your_input/in.py

@@ -0,0 +1,37 @@
+#!/usr/bin/python2.7 -u
+import random
+
+cities = open("./city_names.txt").readlines()
+city = random.choice(cities).rstrip()
+year = 2018
+
+print("What's your favorite number?")
+res = None
+while not res:
+    try:
+        res = input("Number? ")
+        print("You said: {}".format(res))
+    except:
+        res = None
+
+if res != year:
+    print("Okay...")
+else:
+    print("I agree!")
+
+print("What's the best city to visit?")
+res = None
+while not res:
+    try:
+        res = input("City? ")
+        print("You said: {}".format(res))
+    except:
+        res = None
+
+if res == city:
+    print("I agree!")
+    flag = open("./flag").read()
+    print(flag)
+else:
+    print("Thanks for your input!")
+

whats_your_input/sol.txt

@@ -0,0 +1,13 @@
+https://github.com/3ls3if/Cybersecurity-Notes/blob/main/real-world-and-and-ctf/scripts-and-systems/python2-input-vulnerability.md
+
+Python 2 input vulnerability is a security flaw that arises due to the usage of the input() function in Python 2. Unlike its Python 3 counterpart, the input() function in Python 2 evaluates the input as Python code rather than treating it as a simple string. This behavior can lead to serious security vulnerabilities if the input is not properly sanitized or validated.
+Consider a scenario where a Python 2 application uses the input() function to accept user input for executing system commands. If an attacker enters malicious code instead of expected input, the interpreter will execute it without any restrictions, potentially allowing the attacker to run arbitrary commands on the system.
+
+# Python 2 vulnerable code
+e = input("Enter your name: ")
+print e
+
+# payload
+'__import__("os").system("uname -a")'
+
+