Sp3eD-X

## oh-my-bet.py
import requests
import string
import random
import socket

"""
TL;DR
1- SSRF to ftp through the avatar parameter on /login
2- Abuse the CRLF injection in python urllib to inject ftp commands
3- make a bson serialization payload and put the session val to be a pickle serialization to gain RCE

## veno.py
import requests
import base64
import zipfile
import io
import sys
import argparse

class Args(object):
    def __init__(self):
        self.parser = argparse.ArgumentParser()
	import requests
	import string
	import random
	import socket

	"""
	TL;DR
	1- SSRF to ftp through the avatar parameter on /login
	2- Abuse the CRLF injection in python urllib to inject ftp commands
	3- make a bson serialization payload and put the session val to be a pickle serialization to gain RCE
	import requests
	import base64
	import zipfile
	import io
	import sys
	import argparse

	class Args(object):
	def __init__(self):
	self.parser = argparse.ArgumentParser()