mirror of
https://github.com/carlospolop/hacktricks
synced 2024-12-28 22:13:47 +00:00
18 lines
410 B
Markdown
18 lines
410 B
Markdown
# Python
|
|
|
|
## Server using python
|
|
|
|
test a possible **code execution**, using the function _str\(\)_:
|
|
|
|
```python
|
|
"+str(True)+" #If the string True is printed, then it is vulnerable
|
|
```
|
|
|
|
### Tricks
|
|
|
|
{% page-ref page="../../misc/basic-python/bypass-python-sandboxes/" %}
|
|
|
|
{% page-ref page="../../pentesting-web/ssti-server-side-template-injection/" %}
|
|
|
|
{% page-ref page="../../pentesting-web/deserialization/" %}
|
|
|