hacktricks/pentesting/pentesting-web/python.md

446 B

Python

Server using python

test a possible code execution, using the function str():

"+str(True)+" #If the string True is printed, then it is vulnerable

You can find here several tricks to obtain code executing in python if you can execute arbitrary code.

****Python Deserialization****