Code Injection in sofianehamlaoui/lockdoor-frameworkValid
May 28th 2021
Multiple Command injection in infogathering.py file due to lack of sanitization.
🕵️♂️ Proof of Concept
Payload : `id`
tools ask for root to run so every command injected will run as root which may cause potential damage.
Note: sanitize.py needs fix