The PyCodeInjection project contains two main components:

- PyCodeInjectionShell - A tool to exploit web application based Python Code Injection
- PyCodeInjectionApp - A web application that is intentionally vulnerable to Python Code Injection

For a more in-depth background on Python Code Injection, you can read this post.

```
git clone https://github.com/sethsec/PyCodeInjection.git /opt/PythonCodeInjection
```

### Extra Step for PyCodeInjectionApp Installation

```
cd /opt/PythonCodeInjection/VulnApp
./install_requirements.sh
```

### PyCodeInjectionShell

```
root@playground:/opt/PyCodeInjection# python PyCodeInjectionShell.py -h
Usage: python PyCodeInjectionShell.py -c command -p param -u URL
       python PyCodeInjectionShell.py -c command -p param -r request.file

Options:
  -h, --help    show this help message and exit
  -c CMD        Enter the OS command you want to run at the command line
  -i            Interactivly enter OS commands until finished
  -u URL        Specify the URL. URLs can use * or -p to set injection point
  -p PARAMETER  Specify injection parameter. This is used instead of *
  -r REQUEST    Specify locally saved request file instead of a URL. Works
                with * or -p
```

### PyCodeInjectionApp

```
root@playground:/opt/PyCodeInjection/VulnApp# python PyCodeInjectionApp.py
http://0.0.0.0:8080/
192.168.81.1:12637 - - [02/Nov/2016 22:02:28] "HTTP/1.1 POST /pyinject" - 200 OK
192.168.81.1:12639 - - [02/Nov/2016 22:02:37] "HTTP/1.1 POST /pyinject" - 200 OK
192.168.81.1:12640 - - [02/Nov/2016 22:02:38] "HTTP/1.1 POST /pyinject" - 200 OK
192.168.81.1:12641 - - [02/Nov/2016 22:02:39] "HTTP/1.1 POST /pyinject" - 200 OK
192.168.81.1:12642 - - [02/Nov/2016 22:02:39] "HTTP/1.1 POST /pyinject" - 200 OK
```
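
For reviewing your own Python web code for the class of bug PyCodeInjectionApp demonstrates, the following added example (not part of the PyCodeInjection project) uses the standard `ast` module to flag `eval`/`exec`/`compile` calls whose first argument is not a literal. The handler in `SAMPLE` and the `param1` field name are constructed for illustration and are not taken from the vulnerable app's source.

```python
import ast

# Builtins that execute a string as Python code.
SINKS = {"eval", "exec", "compile"}

def _sink_name(func):
    """Name of the builtin being called, or None for unrelated calls."""
    if isinstance(func, ast.Name):
        return func.id
    # builtins.eval(...) style; re.compile / ast.literal_eval do not match.
    if (isinstance(func, ast.Attribute) and isinstance(func.value, ast.Name)
            and func.value.id in ("builtins", "__builtin__")):
        return func.attr
    return None

def find_injection_sinks(source, filename="<constructed>"):
    """Return sorted (line, sink, argument text) for every eval/exec/compile
    call whose first argument is not a literal constant."""
    findings = []
    for node in ast.walk(ast.parse(source, filename=filename)):
        if not isinstance(node, ast.Call) or not node.args:
            continue
        name = _sink_name(node.func)
        first = node.args[0]
        if name in SINKS and not isinstance(first, ast.Constant):
            findings.append(
                (node.lineno, name, ast.get_source_segment(source, first)))
    return sorted(findings)

# Constructed handler for illustration; "param1" is a hypothetical field name.
SAMPLE = '''\
import ast, re

def handle_post(form):
    value = form["param1"]              # request-controlled string
    pattern = re.compile(value)         # regex compile, not a code sink
    parsed = ast.literal_eval(value)    # literals only, never executes code
    banner = eval("1 + 1")              # constant argument, not flagged
    exec("total = " + value)            # request data concatenated into exec
    return eval(value)                  # request data reaches eval
'''

if __name__ == "__main__":
    for line, sink, arg in find_injection_sinks(SAMPLE):
        print(f"line {line}: {sink}() called with non-literal argument {arg}")
```

A flagged call is a lead for manual review rather than proof of a vulnerability: the check does not trace whether the argument is actually derived from request data.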