# Python

{{#include ../../banners/hacktricks-training.md}}

## 使用 Python 的服务器

测试可能的 **代码执行**，使用函数 _str()_:
```python
"+str(True)+" #If the string True is printed, then it is vulnerable
```
### 技巧

{{#ref}}
../../generic-methodologies-and-resources/python/bypass-python-sandboxes/
{{#endref}}

{{#ref}}
../../pentesting-web/ssti-server-side-template-injection/
{{#endref}}

{{#ref}}
../../pentesting-web/deserialization/
{{#endref}}

{{#include ../../banners/hacktricks-training.md}}