# -*- coding: utf-8 -*-
import os
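# Directory that user-supplied paths must stay inside.
safe_dir = "/Users/christophervandermade/Documents/GitHub/sample_python_vulns/"
# Canonical form of safe_dir, so it compares like-for-like with the resolved
# request. If safe_dir contained a symlink, comparing against the raw string
# would reject every request, because realpath() rewrites the requested path.
safe_root = os.path.realpath(safe_dir)
# Example inputs:
#   inside safe_dir:  /Users/christophervandermade/Documents/GitHub/sample_python_vulns/foo/bar.txt
#   outside safe_dir: /Users/christophervandermade/../../../etc/area51.txt

# Ask for the path to read; this value is untrusted.
requested_path = input('\nType location: ')
print(f"Inputted file path: {requested_path}\n")

# Resolve "..", "." and symlinks first, so the containment check below sees
# the location that would really be opened. A relative input is resolved
# against the current working directory, not against safe_dir.
requested_real_path = os.path.realpath(requested_path)
print(f"Real file path: {requested_real_path}\n")

# os.path.commonpath compares whole path components. os.path.commonprefix
# compares character by character, so "/a/safe" is a prefix of "/a/safe_evil";
# with commonprefix the check is only correct while safe_dir keeps its
# trailing "/". commonpath does not depend on that detail.
prefix = os.path.commonpath((requested_real_path, safe_root))
print(f"Longest common path prefix: {prefix}\n")

# The request is inside safe_dir only if the shared path is safe_dir itself.
if prefix != safe_root:
    raise Exception("Requested directory not same as safe_dir!")

print("Requested directory same as safe_dir!\n")

# NOTE: the check and the open are separate steps; if another process can
# swap a path component for a symlink in between, the check no longer covers
# the file that is opened. Acceptable for a demo, not for a shared directory.
# The context manager closes the handle even if read() raises.
with open(requested_real_path, "r") as file:
    print(f"File content:\n{file.read()}")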