No Step On Snek

Python input() vulnerability


I heard you guys like python pwnables

nc 4000

Author: trashcanna


A different board is shown every time.

move = input("Make your move: ")

The output shows us that Python 2 is used -- the code tries to evaluate the input.

We can pass in eval(open('flag.txt').read()) as the input. In the traceback, we get the flag.

Last updated