/tags/python2-injection/ Recent content in Python2-Injection on Nitel's Red Logs Hugo -- gohugo.io en Fri, 09 Jan 2026 23:42:00 +0000 /posts/updown/ Fri, 09 Jan 2026 23:42:00 +0000 /posts/updown/ <strong>UpDown</strong> is a medium Linux box where you chain an exposed <code>.git</code> repo, a custom header bypass, and a Phar wrapper LFI + file upload to get a shell. Root involves Python 2 <code>input()</code> injection on a SUID binary, then <code>easy_install</code> sudo abuse via GTFOBins.