Enjoy HITCTF 2023!
You may have noticed that there are some command injection, but I have patched doSystemCmd function in lib! So pwn it with rop:)