'Render A text from python Flask input

i need to render a text from a text input field, this is my app.py

@app.route("/")
@app.route("/",methods=['POST'])
def data():
    text = request.form['command']
    return render_template("exploit.html") + text

if __name__ == '__main__':
    app.run(debug=1)

and this my exploit.html code

<body>
<form action="POST">
    <label>Command: </label>
    <input type="text" name = "command"> 
    <input type = "submit" value = "send">
</form>

actually i'm trying some remote code execution from that text input

pythonflask


Solution 1:[1]

You can pass variables to jinja2 templates by adding arguments to render_template function.

    return render_template("exploit.html", text = text)

They can be accessed later by using {{}}, like so:

<body>
{{text}}
<form action="POST">
    <label>Command: </label>
    <input type="text" name = "command"> 
    <input type = "submit" value = "send">
</form>

Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow

Solution Source
Solution 1

Related Questions

Selenium-Python: How do I make my WebDriverWait a few seconds before reloading a page?

Selenium-Python: How do I make my WebDriverWait a few seconds before reloading a page?

pip issue installing almost any library

pip issue installing almost any library

pip issue installing almost any library

Selenium-Python: How do I make my WebDriverWait a few seconds before reloading a page?

Selenium-Python: How do I make my WebDriverWait a few seconds before reloading a page?

A simple SMTP server (in Python)

How to specify which pytorch to import, if I have two different versions installed?

How to specify which pytorch to import, if I have two different versions installed?

A simple SMTP server (in Python)

Python: get all months in range?

Python: get all months in range?

Python: get all months in range?

How to specify which pytorch to import, if I have two different versions installed?