hacktricks/pentesting/pentesting-web/python.md

Python

Server using python

test a possible code execution, using the function str():

"+str(True)+" #If the string True is printed, then it is vulnerable

Tricks

{% page-ref page="../../misc/basic-python/bypass-python-sandboxes.md" %}

{% page-ref page="../../pentesting-web/ssti-server-side-template-injection/" %}

{% page-ref page="../../pentesting-web/deserialization/" %}