hacktricks/pentesting/pentesting-web/python.md

# Python

## Server using python

test a possible **code execution**, using the function _str\(\)_:

```python
"+str(True)+" #If the string True is printed, then it is vulnerable
```

### Tricks

{% page-ref page="../../misc/basic-python/bypass-python-sandboxes/" %}

{% page-ref page="../../pentesting-web/ssti-server-side-template-injection/" %}

{% page-ref page="../../pentesting-web/deserialization/" %}
GitBook: [master] 351 pages and 442 assets modified 2020-07-15 15:43:14 +00:00			`# Python`

			`## Server using python`

			`test a possible code execution, using the function _str\(\)_:`

			```python
			`"+str(True)+" #If the string True is printed, then it is vulnerable`
			```

GitBook: [master] 6 pages modified 2021-06-26 13:01:09 +00:00			`### Tricks`
GitBook: [master] 351 pages and 442 assets modified 2020-07-15 15:43:14 +00:00
GitBook: [master] 8 pages modified 2021-10-06 10:13:49 +00:00			`{% page-ref page="../../misc/basic-python/bypass-python-sandboxes/" %}`
GitBook: [master] 6 pages modified 2021-06-26 13:01:09 +00:00
			`{% page-ref page="../../pentesting-web/ssti-server-side-template-injection/" %}`

			`{% page-ref page="../../pentesting-web/deserialization/" %}`
GitBook: [master] 351 pages and 442 assets modified 2020-07-15 15:43:14 +00:00