mirror of
https://github.com/github/codeql.git
synced 2025-12-21 03:06:31 +01:00
15 lines
395 B
Python
15 lines
395 B
Python
import flask
|
|
import pickle
|
|
import marshal
|
|
|
|
from flask import Flask, request
|
|
|
|
app = Flask(__name__)
|
|
|
|
|
|
@app.route("/")
|
|
def hello():
|
|
payload = request.args.get("payload")
|
|
pickle.loads(payload) # $decodeInput=payload $decodeOutput=Attribute() $decodeFormat=pickle $decodeUnsafe
|
|
marshal.loads(payload) # $decodeInput=payload $decodeOutput=Attribute() $decodeFormat=pickle $decodeUnsafe
|