hacktricks/pentesting/pentesting-web/python.md

# Python

## Server using python

test a possible **code execution**, using the function _str\(\)_:

```python
"+str(True)+" #If the string True is printed, then it is vulnerable
```

You [can find here **several tricks**](../../misc/basic-python/bypass-python-sandboxes.md) to obtain **code executing** in python if you can execute arbitrary code.

### \*\*\*\*[**Python Deserialization**](../../pentesting-web/deserialization/#python)\*\*\*\*
GitBook: [master] 351 pages and 442 assets modified 2020-07-15 15:43:14 +00:00			`# Python`

			`## Server using python`

			`test a possible code execution, using the function _str\(\)_:`

			```python
			`"+str(True)+" #If the string True is printed, then it is vulnerable`
			```

			`You [can find here several tricks](../../misc/basic-python/bypass-python-sandboxes.md) to obtain code executing in python if you can execute arbitrary code.`

			`### \\\\[Python Deserialization](../../pentesting-web/deserialization/#python)\\\\`