Python

Reading time: 2 minutes

tip

Aprenda e pratique Hacking AWS:HackTricks Training AWS Red Team Expert (ARTE)
Aprenda e pratique Hacking GCP: HackTricks Training GCP Red Team Expert (GRTE)

Support HackTricks

Servidor usando python

teste uma possível execução de código, usando a função str():

python
"+str(True)+" #If the string True is printed, then it is vulnerable

Truques

Bypass Python sandboxes

SSTI (Server Side Template Injection)

Deserialization

tip

Aprenda e pratique Hacking AWS:HackTricks Training AWS Red Team Expert (ARTE)
Aprenda e pratique Hacking GCP: HackTricks Training GCP Red Team Expert (GRTE)

Support HackTricks