Code for an intentionally vulnerable Lambda function. You can pass commands with an encoded ; “%3B”
Debes poder pasar commandos en el url si los separas con un punto y coma encodeado con html ; “%3B”
import json import os import subprocess def lambda_handler(event, context): vuln = event['queryStringParameters']['HealthCheck'] if "status" in vuln: cmdinject = vuln.replace("status","") cmd = "date" + cmdinject out = subprocess.check_output(cmd, shell=True) message = "Lambda function up as recent as " + out.decode() return { 'statusCode': 200, 'body': json.dumps(message) } else: message = "Welcome to GlitchyLambda by dafthack. You may want to check the health of the function at /lambda?HealthCheck=status" return { 'statusCode': 200, 'body': json.dumps(message) }