Tuesday, September 6, 2016

RCE in Pyspider

Today i read one articles about exploit debug mode in Werkzeug. It old, but very interesting. When i try to find website in shodan, i found 30s website use pyspider. Pyspider is python opensource, you can download and install it from: https://github.com/binux/pyspider
It had one problem, it not authentication. Anyone can access.

When click to one process, you can go to debug mode. And you can edit python code. So, you can use it to run code execute. It is RCE.


This is my POC:
       import subprocess
        p = subprocess.Popen(["id","-m"], stdout=subprocess.PIPE)
        output, err = p.communicate()
        print(output)

----------------------------------------------------------
Thanks for reading
--------------------------------------------------------------------------
Security Research
SecurityLab - Linux Lab -- Window and Cisco Lab
to be continued - I will update more.

No comments:

Install Xposed Inspector and Frida on Genymotion

Today i had some work with android. So i need trace application. I found 2 nice tool can help me: Xposed Inspector and Frida. To setup ther...