mirror of
https://github.com/github/codeql.git
synced 2026-04-30 11:15:13 +02:00
Python: Remove old data-flow tests
This commit is contained in:
Taus Brock-Nannestad
@@ -1,31 +0,0 @@
|
||||
edges
|
||||
| path_injection.py:9:12:9:23 | dict of externally controlled string | path_injection.py:9:12:9:39 | externally controlled string |
|
||||
| path_injection.py:9:12:9:23 | dict of externally controlled string | path_injection.py:9:12:9:39 | externally controlled string |
|
||||
| path_injection.py:9:12:9:39 | externally controlled string | path_injection.py:10:40:10:43 | externally controlled string |
|
||||
| path_injection.py:9:12:9:39 | externally controlled string | path_injection.py:10:40:10:43 | externally controlled string |
|
||||
| path_injection.py:10:40:10:43 | externally controlled string | path_injection.py:10:14:10:44 | externally controlled string |
|
||||
| path_injection.py:10:40:10:43 | externally controlled string | path_injection.py:10:14:10:44 | externally controlled string |
|
||||
| path_injection.py:15:12:15:23 | dict of externally controlled string | path_injection.py:15:12:15:39 | externally controlled string |
|
||||
| path_injection.py:15:12:15:23 | dict of externally controlled string | path_injection.py:15:12:15:39 | externally controlled string |
|
||||
| path_injection.py:15:12:15:39 | externally controlled string | path_injection.py:16:56:16:59 | externally controlled string |
|
||||
| path_injection.py:15:12:15:39 | externally controlled string | path_injection.py:16:56:16:59 | externally controlled string |
|
||||
| path_injection.py:16:13:16:61 | normalized path | path_injection.py:17:14:17:18 | normalized path |
|
||||
| path_injection.py:16:13:16:61 | normalized path | path_injection.py:17:14:17:18 | normalized path |
|
||||
| path_injection.py:16:30:16:60 | externally controlled string | path_injection.py:16:13:16:61 | normalized path |
|
||||
| path_injection.py:16:30:16:60 | externally controlled string | path_injection.py:16:13:16:61 | normalized path |
|
||||
| path_injection.py:16:56:16:59 | externally controlled string | path_injection.py:16:30:16:60 | externally controlled string |
|
||||
| path_injection.py:16:56:16:59 | externally controlled string | path_injection.py:16:30:16:60 | externally controlled string |
|
||||
| path_injection.py:24:12:24:23 | dict of externally controlled string | path_injection.py:24:12:24:39 | externally controlled string |
|
||||
| path_injection.py:24:12:24:23 | dict of externally controlled string | path_injection.py:24:12:24:39 | externally controlled string |
|
||||
| path_injection.py:24:12:24:39 | externally controlled string | path_injection.py:25:56:25:59 | externally controlled string |
|
||||
| path_injection.py:24:12:24:39 | externally controlled string | path_injection.py:25:56:25:59 | externally controlled string |
|
||||
| path_injection.py:25:13:25:61 | normalized path | path_injection.py:28:14:28:18 | normalized path |
|
||||
| path_injection.py:25:13:25:61 | normalized path | path_injection.py:28:14:28:18 | normalized path |
|
||||
| path_injection.py:25:30:25:60 | externally controlled string | path_injection.py:25:13:25:61 | normalized path |
|
||||
| path_injection.py:25:30:25:60 | externally controlled string | path_injection.py:25:13:25:61 | normalized path |
|
||||
| path_injection.py:25:56:25:59 | externally controlled string | path_injection.py:25:30:25:60 | externally controlled string |
|
||||
| path_injection.py:25:56:25:59 | externally controlled string | path_injection.py:25:30:25:60 | externally controlled string |
|
||||
#select
|
||||
| path_injection.py:10:14:10:44 | Attribute() | path_injection.py:9:12:9:23 | dict of externally controlled string | path_injection.py:10:14:10:44 | externally controlled string | This path depends on $@. | path_injection.py:9:12:9:23 | Attribute | a user-provided value |
|
||||
| path_injection.py:17:14:17:18 | npath | path_injection.py:15:12:15:23 | dict of externally controlled string | path_injection.py:17:14:17:18 | normalized path | This path depends on $@. | path_injection.py:15:12:15:23 | Attribute | a user-provided value |
|
||||
| path_injection.py:28:14:28:18 | npath | path_injection.py:24:12:24:23 | dict of externally controlled string | path_injection.py:28:14:28:18 | normalized path | This path depends on $@. | path_injection.py:24:12:24:23 | Attribute | a user-provided value |
|
||||
@@ -1 +0,0 @@
|
||||
experimental/Security-old-dataflow/CWE-022/PathInjection.ql
|
||||
@@ -1 +0,0 @@
|
||||
semmle-extractor-options: -p ../lib/ --max-import-depth=3
|
||||
@@ -1,36 +0,0 @@
|
||||
|
||||
import os.path
|
||||
|
||||
from flask import Flask, request
|
||||
app = Flask(__name__)
|
||||
|
||||
@app.route("/path1")
|
||||
def path_injection():
|
||||
path = request.args.get('path', '')
|
||||
f = open(os.path.join(os.getcwd(), path))
|
||||
|
||||
@app.route("/path2")
|
||||
def path_injection():
|
||||
# Normalized, but not checked
|
||||
path = request.args.get('path', '')
|
||||
npath = os.path.normpath(os.path.join(os.getcwd(), path))
|
||||
f = open(npath)
|
||||
|
||||
SAFE = "/tmp/scratch_area/"
|
||||
|
||||
@app.route("/path3")
|
||||
def safe_path():
|
||||
# Normalized, but check doesn't reach open().
|
||||
path = request.args.get('path', '')
|
||||
npath = os.path.normpath(os.path.join(os.getcwd(), path))
|
||||
if npath.startswith(SAFE):
|
||||
pass
|
||||
f = open(npath)
|
||||
|
||||
@app.route("/path4")
|
||||
def safe_path():
|
||||
# Normalized, and checked properly
|
||||
path = request.args.get('path', '')
|
||||
npath = os.path.normpath(os.path.join(os.getcwd(), path))
|
||||
if npath.startswith(SAFE):
|
||||
f = open(npath)
|
||||
@@ -1,30 +0,0 @@
|
||||
edges
|
||||
| command_injection.py:10:13:10:24 | dict of externally controlled string | command_injection.py:10:13:10:41 | externally controlled string |
|
||||
| command_injection.py:10:13:10:24 | dict of externally controlled string | command_injection.py:10:13:10:41 | externally controlled string |
|
||||
| command_injection.py:10:13:10:41 | externally controlled string | command_injection.py:12:23:12:27 | externally controlled string |
|
||||
| command_injection.py:10:13:10:41 | externally controlled string | command_injection.py:12:23:12:27 | externally controlled string |
|
||||
| command_injection.py:12:23:12:27 | externally controlled string | command_injection.py:12:15:12:27 | externally controlled string |
|
||||
| command_injection.py:12:23:12:27 | externally controlled string | command_injection.py:12:15:12:27 | externally controlled string |
|
||||
| command_injection.py:17:13:17:24 | dict of externally controlled string | command_injection.py:17:13:17:41 | externally controlled string |
|
||||
| command_injection.py:17:13:17:24 | dict of externally controlled string | command_injection.py:17:13:17:41 | externally controlled string |
|
||||
| command_injection.py:17:13:17:41 | externally controlled string | command_injection.py:19:30:19:34 | externally controlled string |
|
||||
| command_injection.py:17:13:17:41 | externally controlled string | command_injection.py:19:30:19:34 | externally controlled string |
|
||||
| command_injection.py:19:30:19:34 | externally controlled string | command_injection.py:19:22:19:34 | externally controlled string |
|
||||
| command_injection.py:19:30:19:34 | externally controlled string | command_injection.py:19:22:19:34 | externally controlled string |
|
||||
| command_injection.py:24:11:24:22 | dict of externally controlled string | command_injection.py:24:11:24:37 | externally controlled string |
|
||||
| command_injection.py:24:11:24:22 | dict of externally controlled string | command_injection.py:24:11:24:37 | externally controlled string |
|
||||
| command_injection.py:24:11:24:37 | externally controlled string | command_injection.py:25:23:25:25 | externally controlled string |
|
||||
| command_injection.py:24:11:24:37 | externally controlled string | command_injection.py:25:23:25:25 | externally controlled string |
|
||||
| command_injection.py:25:23:25:25 | externally controlled string | command_injection.py:25:22:25:36 | first item in sequence of externally controlled string |
|
||||
| command_injection.py:25:23:25:25 | externally controlled string | command_injection.py:25:22:25:36 | first item in sequence of externally controlled string |
|
||||
| command_injection.py:30:13:30:24 | dict of externally controlled string | command_injection.py:30:13:30:41 | externally controlled string |
|
||||
| command_injection.py:30:13:30:24 | dict of externally controlled string | command_injection.py:30:13:30:41 | externally controlled string |
|
||||
| command_injection.py:30:13:30:41 | externally controlled string | command_injection.py:32:22:32:26 | externally controlled string |
|
||||
| command_injection.py:30:13:30:41 | externally controlled string | command_injection.py:32:22:32:26 | externally controlled string |
|
||||
| command_injection.py:32:22:32:26 | externally controlled string | command_injection.py:32:14:32:26 | externally controlled string |
|
||||
| command_injection.py:32:22:32:26 | externally controlled string | command_injection.py:32:14:32:26 | externally controlled string |
|
||||
#select
|
||||
| command_injection.py:12:15:12:27 | BinaryExpr | command_injection.py:10:13:10:24 | dict of externally controlled string | command_injection.py:12:15:12:27 | externally controlled string | This command depends on $@. | command_injection.py:10:13:10:24 | Attribute | a user-provided value |
|
||||
| command_injection.py:19:22:19:34 | BinaryExpr | command_injection.py:17:13:17:24 | dict of externally controlled string | command_injection.py:19:22:19:34 | externally controlled string | This command depends on $@. | command_injection.py:17:13:17:24 | Attribute | a user-provided value |
|
||||
| command_injection.py:25:22:25:36 | List | command_injection.py:24:11:24:22 | dict of externally controlled string | command_injection.py:25:22:25:36 | first item in sequence of externally controlled string | This command depends on $@. | command_injection.py:24:11:24:22 | Attribute | a user-provided value |
|
||||
| command_injection.py:32:14:32:26 | BinaryExpr | command_injection.py:30:13:30:24 | dict of externally controlled string | command_injection.py:32:14:32:26 | externally controlled string | This command depends on $@. | command_injection.py:30:13:30:24 | Attribute | a user-provided value |
|
||||
@@ -1 +0,0 @@
|
||||
experimental/Security-old-dataflow/CWE-078/CommandInjection.ql
|
||||
@@ -1,32 +0,0 @@
|
||||
|
||||
import os
|
||||
import subprocess
|
||||
|
||||
from flask import Flask, request
|
||||
app = Flask(__name__)
|
||||
|
||||
@app.route("/command1")
|
||||
def command_injection1():
|
||||
files = request.args.get('files', '')
|
||||
# Don't let files be `; rm -rf /`
|
||||
os.system("ls " + files)
|
||||
|
||||
|
||||
@app.route("/command2")
|
||||
def command_injection2():
|
||||
files = request.args.get('files', '')
|
||||
# Don't let files be `; rm -rf /`
|
||||
subprocess.Popen("ls " + files, shell=True)
|
||||
|
||||
|
||||
@app.route("/command3")
|
||||
def first_arg_injection():
|
||||
cmd = request.args.get('cmd', '')
|
||||
subprocess.Popen([cmd, "param1"])
|
||||
|
||||
|
||||
@app.route("/other_cases")
|
||||
def others():
|
||||
files = request.args.get('files', '')
|
||||
# Don't let files be `; rm -rf /`
|
||||
os.popen("ls " + files)
|
||||
@@ -1 +0,0 @@
|
||||
semmle-extractor-options: -p ../lib/ --max-import-depth=3
|
||||
@@ -1,9 +0,0 @@
|
||||
edges
|
||||
| reflected_xss.py:7:18:7:29 | dict of externally controlled string | reflected_xss.py:7:18:7:45 | externally controlled string |
|
||||
| reflected_xss.py:7:18:7:29 | dict of externally controlled string | reflected_xss.py:7:18:7:45 | externally controlled string |
|
||||
| reflected_xss.py:7:18:7:45 | externally controlled string | reflected_xss.py:8:44:8:53 | externally controlled string |
|
||||
| reflected_xss.py:7:18:7:45 | externally controlled string | reflected_xss.py:8:44:8:53 | externally controlled string |
|
||||
| reflected_xss.py:8:44:8:53 | externally controlled string | reflected_xss.py:8:26:8:53 | externally controlled string |
|
||||
| reflected_xss.py:8:44:8:53 | externally controlled string | reflected_xss.py:8:26:8:53 | externally controlled string |
|
||||
#select
|
||||
| reflected_xss.py:8:26:8:53 | BinaryExpr | reflected_xss.py:7:18:7:29 | dict of externally controlled string | reflected_xss.py:8:26:8:53 | externally controlled string | Cross-site scripting vulnerability due to $@. | reflected_xss.py:7:18:7:29 | Attribute | a user-provided value |
|
||||
@@ -1 +0,0 @@
|
||||
experimental/Security-old-dataflow/CWE-079/ReflectedXss.ql
|
||||
@@ -1 +0,0 @@
|
||||
semmle-extractor-options: -p ../lib/ --max-import-depth=3
|
||||
@@ -1,13 +0,0 @@
|
||||
from flask import Flask, request, make_response, escape
|
||||
|
||||
app = Flask(__name__)
|
||||
|
||||
@app.route('/unsafe')
|
||||
def unsafe():
|
||||
first_name = request.args.get('name', '')
|
||||
return make_response("Your name is " + first_name)
|
||||
|
||||
@app.route('/safe')
|
||||
def safe():
|
||||
first_name = request.args.get('name', '')
|
||||
return make_response("Your name is " + escape(first_name))
|
||||
@@ -1,22 +0,0 @@
|
||||
edges
|
||||
| sql_injection.py:12:24:12:31 | externally controlled string | sql_injection.py:19:70:19:77 | externally controlled string |
|
||||
| sql_injection.py:12:24:12:31 | externally controlled string | sql_injection.py:19:70:19:77 | externally controlled string |
|
||||
| sql_injection.py:12:24:12:31 | externally controlled string | sql_injection.py:22:88:22:95 | externally controlled string |
|
||||
| sql_injection.py:12:24:12:31 | externally controlled string | sql_injection.py:22:88:22:95 | externally controlled string |
|
||||
| sql_injection.py:12:24:12:31 | externally controlled string | sql_injection.py:23:76:23:83 | externally controlled string |
|
||||
| sql_injection.py:12:24:12:31 | externally controlled string | sql_injection.py:23:76:23:83 | externally controlled string |
|
||||
| sql_injection.py:12:24:12:31 | externally controlled string | sql_injection.py:24:78:24:85 | externally controlled string |
|
||||
| sql_injection.py:12:24:12:31 | externally controlled string | sql_injection.py:24:78:24:85 | externally controlled string |
|
||||
| sql_injection.py:19:70:19:77 | externally controlled string | sql_injection.py:19:24:19:77 | externally controlled string |
|
||||
| sql_injection.py:19:70:19:77 | externally controlled string | sql_injection.py:19:24:19:77 | externally controlled string |
|
||||
| sql_injection.py:22:88:22:95 | externally controlled string | sql_injection.py:22:38:22:95 | externally controlled string |
|
||||
| sql_injection.py:22:88:22:95 | externally controlled string | sql_injection.py:22:38:22:95 | externally controlled string |
|
||||
| sql_injection.py:23:76:23:83 | externally controlled string | sql_injection.py:23:26:23:83 | externally controlled string |
|
||||
| sql_injection.py:23:76:23:83 | externally controlled string | sql_injection.py:23:26:23:83 | externally controlled string |
|
||||
| sql_injection.py:24:78:24:85 | externally controlled string | sql_injection.py:24:28:24:85 | externally controlled string |
|
||||
| sql_injection.py:24:78:24:85 | externally controlled string | sql_injection.py:24:28:24:85 | externally controlled string |
|
||||
#select
|
||||
| sql_injection.py:19:24:19:77 | BinaryExpr | sql_injection.py:12:24:12:31 | externally controlled string | sql_injection.py:19:24:19:77 | externally controlled string | This SQL query depends on $@. | sql_injection.py:12:24:12:31 | username | a user-provided value |
|
||||
| sql_injection.py:22:38:22:95 | BinaryExpr | sql_injection.py:12:24:12:31 | externally controlled string | sql_injection.py:22:38:22:95 | externally controlled string | This SQL query depends on $@. | sql_injection.py:12:24:12:31 | username | a user-provided value |
|
||||
| sql_injection.py:23:26:23:83 | BinaryExpr | sql_injection.py:12:24:12:31 | externally controlled string | sql_injection.py:23:26:23:83 | externally controlled string | This SQL query depends on $@. | sql_injection.py:12:24:12:31 | username | a user-provided value |
|
||||
| sql_injection.py:24:28:24:85 | BinaryExpr | sql_injection.py:12:24:12:31 | externally controlled string | sql_injection.py:24:28:24:85 | externally controlled string | This SQL query depends on $@. | sql_injection.py:12:24:12:31 | username | a user-provided value |
|
||||
@@ -1 +0,0 @@
|
||||
experimental/Security-old-dataflow/CWE-089/SqlInjection.ql
|
||||
@@ -1 +0,0 @@
|
||||
semmle-extractor-options: -p ../lib/ --max-import-depth=3
|
||||
@@ -1,40 +0,0 @@
|
||||
"""This is copied from ql/python/ql/test/library-tests/web/django/test.py
|
||||
and a only a slight extension of ql/python/ql/src/Security/CWE-089/examples/sql_injection.py
|
||||
"""
|
||||
|
||||
from django.conf.urls import url
|
||||
from django.db import connection, models
|
||||
from django.db.models.expressions import RawSQL
|
||||
|
||||
class User(models.Model):
|
||||
pass
|
||||
|
||||
def show_user(request, username):
|
||||
with connection.cursor() as cursor:
|
||||
# GOOD -- Using parameters
|
||||
cursor.execute("SELECT * FROM users WHERE username = %s", username)
|
||||
User.objects.raw("SELECT * FROM users WHERE username = %s", (username,))
|
||||
|
||||
# BAD -- Using string formatting
|
||||
cursor.execute("SELECT * FROM users WHERE username = '%s'" % username)
|
||||
|
||||
# BAD -- other ways of executing raw SQL code with string interpolation
|
||||
User.objects.annotate(RawSQL("insert into names_file ('name') values ('%s')" % username))
|
||||
User.objects.raw("insert into names_file ('name') values ('%s')" % username)
|
||||
User.objects.extra("insert into names_file ('name') values ('%s')" % username)
|
||||
|
||||
# BAD (but currently no custom query to find this)
|
||||
#
|
||||
# It is exposed to SQL injection (https://docs.djangoproject.com/en/2.2/ref/models/querysets/#extra)
|
||||
# For example, using name = "; DROP ALL TABLES -- "
|
||||
# will result in SQL: SELECT * FROM name WHERE name = ''; DROP ALL TABLES -- ''
|
||||
#
|
||||
# This shouldn't be very widespread, since using a normal string will result in invalid SQL
|
||||
# Using name = "example", will result in SQL: SELECT * FROM name WHERE name = ''example''
|
||||
# which in MySQL will give a syntax error
|
||||
#
|
||||
# When testing this out locally, none of the queries worked against SQLite3, but I could use
|
||||
# the SQL injection against MySQL.
|
||||
User.objects.raw("SELECT * FROM users WHERE username = '%s'", (username,))
|
||||
|
||||
urlpatterns = [url(r'^users/(?P<username>[^/]+)$', show_user)]
|
||||
@@ -1,13 +0,0 @@
|
||||
edges
|
||||
| code_injection.py:4:20:4:26 | django.request.HttpRequest | code_injection.py:6:22:6:28 | django.request.HttpRequest |
|
||||
| code_injection.py:4:20:4:26 | django.request.HttpRequest | code_injection.py:6:22:6:28 | django.request.HttpRequest |
|
||||
| code_injection.py:6:22:6:28 | django.request.HttpRequest | code_injection.py:6:22:6:33 | django.http.request.QueryDict |
|
||||
| code_injection.py:6:22:6:28 | django.request.HttpRequest | code_injection.py:6:22:6:33 | django.http.request.QueryDict |
|
||||
| code_injection.py:6:22:6:33 | django.http.request.QueryDict | code_injection.py:6:22:6:55 | externally controlled string |
|
||||
| code_injection.py:6:22:6:33 | django.http.request.QueryDict | code_injection.py:6:22:6:55 | externally controlled string |
|
||||
| code_injection.py:6:22:6:55 | externally controlled string | code_injection.py:7:34:7:43 | externally controlled string |
|
||||
| code_injection.py:6:22:6:55 | externally controlled string | code_injection.py:7:34:7:43 | externally controlled string |
|
||||
| code_injection.py:7:34:7:43 | externally controlled string | code_injection.py:7:14:7:44 | externally controlled string |
|
||||
| code_injection.py:7:34:7:43 | externally controlled string | code_injection.py:7:14:7:44 | externally controlled string |
|
||||
#select
|
||||
| code_injection.py:7:14:7:44 | Attribute() | code_injection.py:4:20:4:26 | django.request.HttpRequest | code_injection.py:7:14:7:44 | externally controlled string | $@ flows to here and is interpreted as code. | code_injection.py:4:20:4:26 | request | A user-provided value |
|
||||
@@ -1 +0,0 @@
|
||||
experimental/Security-old-dataflow/CWE-094/CodeInjection.ql
|
||||
@@ -1,12 +0,0 @@
|
||||
from django.conf.urls import url
|
||||
import base64
|
||||
|
||||
def code_execution(request):
|
||||
if request.method == 'POST':
|
||||
first_name = request.POST.get('first_name', '')
|
||||
exec(base64.decodestring(first_name))
|
||||
|
||||
urlpatterns = [
|
||||
# Route to code_execution
|
||||
url(r'^code-ex$', code_execution, name='code-execution')
|
||||
]
|
||||
@@ -1 +0,0 @@
|
||||
semmle-extractor-options: -p ../lib/ --max-import-depth=3
|
||||
@@ -1,16 +0,0 @@
|
||||
edges
|
||||
| test.py:11:15:11:26 | dict of externally controlled string | test.py:11:15:11:41 | externally controlled string |
|
||||
| test.py:11:15:11:26 | dict of externally controlled string | test.py:11:15:11:41 | externally controlled string |
|
||||
| test.py:11:15:11:41 | externally controlled string | test.py:12:18:12:24 | externally controlled string |
|
||||
| test.py:11:15:11:41 | externally controlled string | test.py:12:18:12:24 | externally controlled string |
|
||||
| test.py:11:15:11:41 | externally controlled string | test.py:13:15:13:21 | externally controlled string |
|
||||
| test.py:11:15:11:41 | externally controlled string | test.py:13:15:13:21 | externally controlled string |
|
||||
| test.py:11:15:11:41 | externally controlled string | test.py:14:19:14:25 | externally controlled string |
|
||||
| test.py:11:15:11:41 | externally controlled string | test.py:14:19:14:25 | externally controlled string |
|
||||
| test.py:11:15:11:41 | externally controlled string | test.py:16:16:16:22 | externally controlled string |
|
||||
| test.py:11:15:11:41 | externally controlled string | test.py:16:16:16:22 | externally controlled string |
|
||||
#select
|
||||
| test.py:12:18:12:24 | payload | test.py:11:15:11:26 | dict of externally controlled string | test.py:12:18:12:24 | externally controlled string | Deserializing of $@. | test.py:11:15:11:26 | Attribute | untrusted input |
|
||||
| test.py:13:15:13:21 | payload | test.py:11:15:11:26 | dict of externally controlled string | test.py:13:15:13:21 | externally controlled string | Deserializing of $@. | test.py:11:15:11:26 | Attribute | untrusted input |
|
||||
| test.py:14:19:14:25 | payload | test.py:11:15:11:26 | dict of externally controlled string | test.py:14:19:14:25 | externally controlled string | Deserializing of $@. | test.py:11:15:11:26 | Attribute | untrusted input |
|
||||
| test.py:16:16:16:22 | payload | test.py:11:15:11:26 | dict of externally controlled string | test.py:16:16:16:22 | externally controlled string | Deserializing of $@. | test.py:11:15:11:26 | Attribute | untrusted input |
|
||||
@@ -1 +0,0 @@
|
||||
experimental/Security-old-dataflow/CWE-502/UnsafeDeserialization.ql
|
||||
@@ -1 +0,0 @@
|
||||
semmle-extractor-options: --max-import-depth=2 -p ../lib
|
||||
@@ -1,18 +0,0 @@
|
||||
import flask
|
||||
import pickle
|
||||
import yaml
|
||||
import marshal
|
||||
|
||||
from flask import Flask, request
|
||||
app = Flask(__name__)
|
||||
|
||||
@app.route("/")
|
||||
def hello():
|
||||
payload = request.args.get('payload')
|
||||
pickle.loads(payload)
|
||||
yaml.load(payload)
|
||||
marshal.loads(payload)
|
||||
import dill
|
||||
dill.loads(payload)
|
||||
|
||||
|
||||
Reference in New Issue
Block a user