mirror of
https://github.com/HackTricks-wiki/hacktricks.git
synced 2025-10-10 18:36:50 +00:00
558 B
558 B
Python
{{#include ../../banners/hacktricks-training.md}}
使用 Python 的服务器
测试可能的 code execution,使用函数 str():
"+str(True)+" #If the string True is printed, then it is vulnerable
Tricks
{{#ref}} ../../generic-methodologies-and-resources/python/bypass-python-sandboxes/README.md {{#endref}}
{{#ref}} ../../pentesting-web/ssti-server-side-template-injection/README.md {{#endref}}
{{#ref}} ../../pentesting-web/deserialization/README.md {{#endref}}
{{#include ../../banners/hacktricks-training.md}}