GitBook: [#2852] update

This commit is contained in:
CPol 2021-11-23 09:46:40 +00:00 committed by gitbook-bot
parent fea1702b48
commit 3a15c93ae7
No known key found for this signature in database
GPG key ID: 07D2180C7B12D0FF

View file

@ -74,6 +74,8 @@ For more information about how does pickle works check this: [https://checkoway.
### Pip package ### Pip package
Trick shared by **@isHaacK**
If you have access to `pip` or to `pip.main()` you can install an arbitrary package and obtain a reverse shell calling: If you have access to `pip` or to `pip.main()` you can install an arbitrary package and obtain a reverse shell calling:
```bash ```bash
@ -835,5 +837,5 @@ Using tools like [**https://www.decompiler.com/**](https://www.decompiler.com)**
* [https://lbarman.ch/blog/pyjail/](https://lbarman.ch/blog/pyjail/) * [https://lbarman.ch/blog/pyjail/](https://lbarman.ch/blog/pyjail/)
* [https://ctf-wiki.github.io/ctf-wiki/pwn/linux/sandbox/python-sandbox-escape/](https://ctf-wiki.github.io/ctf-wiki/pwn/linux/sandbox/python-sandbox-escape/) * [https://ctf-wiki.github.io/ctf-wiki/pwn/linux/sandbox/python-sandbox-escape/](https://ctf-wiki.github.io/ctf-wiki/pwn/linux/sandbox/python-sandbox-escape/)
* [https://blog.delroth.net/2013/03/escaping-a-python-sandbox-ndh-2013-quals-writeup/](https://blog.delroth.net/2013/03/escaping-a-python-sandbox-ndh-2013-quals-writeup/) * [https://blog.delroth.net/2013/03/escaping-a-python-sandbox-ndh-2013-quals-writeup/](https://blog.delroth.net/2013/03/escaping-a-python-sandbox-ndh-2013-quals-writeup/)
* [https://gynvael.coldwind.pl/n/python_sandbox_escape](https://gynvael.coldwind.pl/n/python_sandbox_escape) * [https://gynvael.coldwind.pl/n/python\_sandbox\_escape](https://gynvael.coldwind.pl/n/python\_sandbox\_escape)
* [https://nedbatchelder.com/blog/201206/eval_really_is_dangerous.html](https://nedbatchelder.com/blog/201206/eval_really_is_dangerous.html) * [https://nedbatchelder.com/blog/201206/eval\_really\_is\_dangerous.html](https://nedbatchelder.com/blog/201206/eval\_really\_is\_dangerous.html)