# Python

{{#include ../../banners/hacktricks-training.md}}

## 使用 Python 的服务器

测试可能的 **code execution**，使用函数 _str()_:
```python
"+str(True)+" #If the string True is printed, then it is vulnerable
```
### Tricks

{{#ref}}
../../generic-methodologies-and-resources/python/bypass-python-sandboxes/README.md
{{#endref}}

{{#ref}}
../../pentesting-web/ssti-server-side-template-injection/README.md
{{#endref}}

{{#ref}}
../../pentesting-web/deserialization/README.md
{{#endref}}

{{#include ../../banners/hacktricks-training.md}}