hacktricks/pentesting/pentesting-web/python.md
2021-10-06 10:13:49 +00:00

18 lines
410 B
Markdown

# Python
## Server using python
test a possible **code execution**, using the function _str\(\)_:
```python
"+str(True)+" #If the string True is printed, then it is vulnerable
```
### Tricks
{% page-ref page="../../misc/basic-python/bypass-python-sandboxes/" %}
{% page-ref page="../../pentesting-web/ssti-server-side-template-injection/" %}
{% page-ref page="../../pentesting-web/deserialization/" %}