a) Advance the remote code injection we saw in class as follows:  Craft and test a malicious Python2.x payload that allows an attacker to detect the target operating system (e.g., Linux, Win32, ...). Note: in the examples given in class, the attack payloads were done with the assumption that the target host is a Linux OS. For this part, you need to be creative as to how to embed a longer (multi-line) Python2.x  payload in your inputs to agent.py. Explore options such as exec, eval, ...

b) The root cause of the injection vulnerability for agent.py is the lack of input sanitization and/or validation when the input () function is used to read inputs. Modify agent.py such that it performs input sanitization and/or validation before it uses user input in its application logic. Show how your input sanitization handles common injection cases like the ones we tried in class.

Notes:

• Assume the code is executed by Python2.x interpreter (the same assumption we took in class). Don't try any of these in Python 3.x (understandably fixed in the later versions of Python).
• You are free to research possible ideas but make sure that you cite your sources whenever an idea is not yours.

 

Submission:

• For a), submit the exploit payload (.txt) that goes as input to the  undefended (i.e., without input sanitization) agent.py
• For b), submit a modified agent.py file with the implementations of your input sanitization and/or validation countermeasures.
• =======agent.py======

  import random
  import hashlib

  secret = 'this is a secret'
  public = 'to buy a house.'
  value =input('Enter number of customers: ')
  print "There are", value,
  print "customers looking", public

  =======================