Skip to content
Contact us
  • There are no suggestions because the search field is empty.

Add File Functionality Is Broken (Command Injection Lesson)

Issue:

The normal expected functionality with the create a file form in the sandbox app is broken.

Test 1

Login with username=alice and password=monkey1. What happens if you create a new file? Does it work in the same way that it did before you changed the code? You can reset the sandbox to find out. 

Check

Is the file being created in the correct directory? /tmp is not the root directory.

Test 2:

Login with username=alice and password=monkey1. What happens if you create a second new file? Does it work in the same way that it did before you changed the code? You can reset the sandbox to find out.

Test 3:

What if you login with username=bob and password=password. What happens if you create a new file? Does it work in the same way that it did before you changed the code? You can reset the sandbox to find out.