AndyNovo/lambda.py Secret

## lambda.py
import sys
from io import StringIO
import json
import os

#https://8socqadtz9.execute-api.us-east-1.amazonaws.com/default/websecflag?payload=332a37

def lambda_handler(event, context):
    flag = os.environ["flag"].encode()
    assert(flag[:5] == b"ninja")
    payload=bytes.fromhex(event["queryStringParameters"]["payload"])#hex encode please
    for keyword in [b'eval', b'exec', b'import', b'open', b'os', b'read', b'system', b'write']:
        if keyword in payload:
            return {
                'statusCode': 200,
                'body': json.dumps('Banned')
            }
    old_stdout = sys.stdout
    redirected_output = sys.stdout = StringIO()
    exec(b"print(%b)" % (payload))
    sys.stdout = old_stdout
    return {
                'statusCode': 200,
                'body': redirected_output.getvalue()
            }
	import sys
	from io import StringIO
	import json
	import os

	#https://8socqadtz9.execute-api.us-east-1.amazonaws.com/default/websecflag?payload=332a37

	def lambda_handler(event, context):
	flag = os.environ["flag"].encode()
	assert(flag[:5] == b"ninja")
	payload=bytes.fromhex(event["queryStringParameters"]["payload"])#hex encode please
	for keyword in [b'eval', b'exec', b'import', b'open', b'os', b'read', b'system', b'write']:
	if keyword in payload:
	return {
	'statusCode': 200,
	'body': json.dumps('Banned')
	}
	old_stdout = sys.stdout
	redirected_output = sys.stdout = StringIO()
	exec(b"print(%b)" % (payload))
	sys.stdout = old_stdout
	return {
	'statusCode': 200,
	'body': redirected_output.getvalue()
	}