0

Python & Cybersecurity challenge: a simple but powerful calculator... But can you find and fix the security holes?

In 4 lines, a calculator with trigonometry and possibly deep learning or any existing Python package. Plus some serious security holes! https://code.sololearn.com/cXmeQ5FUwpsQ/?ref=app

16th Aug 2017, 5:14 PM
VcC
7 answers
+ 4
Still not safe, I could do : 9);print("nop" ^^
17th Aug 2017, 4:06 AM
Baptiste E. Prunier
+ 3
? :o
17th Aug 2017, 12:18 PM
Baptiste E. Prunier
+ 2
If my input is : );a_super_hacking_function();print( Then my super hacking function will be called ^^ Preventing the user from using ; and counting the parentheses so that they are well placed (no closing one before an opening one and one closing per opening) would be a first step to fix it. Also, putting the exec function in a try/except would be nice.
16th Aug 2017, 5:27 PM
Baptiste E. Prunier
+ 2
The parenthesis count is to prevent the user from doing : ) if false else my_super_hack_function(
16th Aug 2017, 5:38 PM
Baptiste E. Prunier
0
Very good but not 100 %. You can still delete files by entering file.open('/file','w')
16th Aug 2017, 6:05 PM
VcC
16th Aug 2017, 9:02 PM
VcC
- 1
Hehe. That was the hidden challenge !
17th Aug 2017, 5:11 AM
VcC
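An added example, not part of the thread or of the linked code: instead of filtering `;` and counting parentheses, the input can be parsed into an AST and evaluated only if every node is on an allow-list, which rejects all four inputs quoted in the thread. It assumes the calculator needs only arithmetic and a handful of `math` functions; the names `safe_calc`, `is_rejected` and the allow-lists are hypothetical.

```python
import ast
import math
import operator

# Assumption: the calculator needs arithmetic plus a few math functions only.
BIN_OPS = {ast.Add: operator.add, ast.Sub: operator.sub, ast.Mult: operator.mul,
           ast.Div: operator.truediv, ast.Mod: operator.mod, ast.Pow: operator.pow}
UNARY_OPS = {ast.UAdd: operator.pos, ast.USub: operator.neg}
FUNCS = {n: getattr(math, n) for n in ("sin", "cos", "tan", "sqrt", "log", "exp")}
CONSTS = {"pi": math.pi, "e": math.e}


def _eval(node):
    """Evaluate one AST node; anything not explicitly allowed raises ValueError."""
    if isinstance(node, ast.Constant) and type(node.value) in (int, float):
        return float(node.value)  # floats overflow with an error instead of growing
    if isinstance(node, ast.BinOp) and type(node.op) in BIN_OPS:
        return BIN_OPS[type(node.op)](_eval(node.left), _eval(node.right))
    if isinstance(node, ast.UnaryOp) and type(node.op) in UNARY_OPS:
        return UNARY_OPS[type(node.op)](_eval(node.operand))
    if isinstance(node, ast.Name) and node.id in CONSTS:
        return CONSTS[node.id]
    # Only direct calls to allow-listed names: no attributes, no keyword arguments.
    if (isinstance(node, ast.Call) and isinstance(node.func, ast.Name)
            and node.func.id in FUNCS and not node.keywords):
        return FUNCS[node.func.id](*[_eval(arg) for arg in node.args])
    raise ValueError("not allowed: " + type(node).__name__)


def safe_calc(text):
    """Return the result of one arithmetic expression, or raise ValueError."""
    try:
        # mode="eval" accepts a single expression, so ';' and statements fail to parse.
        return _eval(ast.parse(text.strip(), mode="eval").body)
    except (SyntaxError, ArithmeticError, TypeError, RecursionError) as exc:
        raise ValueError("rejected: %s" % exc) from exc


def is_rejected(text):
    """True when safe_calc refuses the input."""
    try:
        safe_calc(text)
    except ValueError:
        return True
    return False
```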