Backend DevelopmentPython TutorialShare practical tutorials on using python to write POC and exp
For a long time, I had a dream. However, later I found that my dream gradually disappeared.
So, yesterday I thought about it all night
I thought I should have a dream!
Okay, back to the topic. As the saying goes, people who are smart don't pretend to be secretive. Today, my home has opened a public IP address and I'm so excited! It's so fun!
Um, I'm off topic again
Let's really start now:
0x01
Let's take a brief look at the shoe POC and exp ideas:
First of all, we need to know this vulnerability, and It is to discover the vulnerability
Then, we need to know the principle of this vulnerability, that is, understand the principle
Secondly, we need to build an environment, or find an environment online to understand the process of using this vulnerability
Finally, we write the exploit And poc
0x02
What knowledge of python do we need to write a simple poc:
1.python基本的输出输入 2.python的数据类型 3.python的流程控制 4.python的正则表达式 5.python的网络编程 6.python的urllib和urllib2模块 7.python的sys模块和os模块
Start writing the poc (we will announce it on the forum vbcms injection as an example):
1. Analyze the vulnerability principle
You can see the exploit address of his vulnerability. This is an obvious SQL injection statement with url encoding added. We try to decode the url encoding.
Because we just want to write the poc, so we just load this code directly and it’s OK
The following is the main body code of the poc, just for reference, don’t read if you don’t understand python
The above is the POC of the vulnerability, which is used to verify the vulnerability. Let's try to write the exp
0x04
and start writing the exp (we use the vbcms published by the forum Injection as an example):
Above we analyzed the sql injection statement of this vulnerability, we can see that the ~! user() !~ 1 in the middle is completely changeable, then we change it to an offensive code What will happen?
For example, we need to check the mysql version. Can we replace user() with @@version? Haha, yes, that’s it. Of course, this requires high manual injection technology
The above is the idea of exp. Note: It is just an idea and has a lot in common with POC writing, that is, changing the verification code to injection code
[Related recommendations]
1. Detailed explanation of the exp() function tutorial in Python
2. Sharing an example tutorial of the exp() method used to calculate the index in Python
The above is the detailed content of Share practical tutorials on using python to write POC and exp. For more information, please follow other related articles on the PHP Chinese website!
How do you append elements to a Python array?Apr 30, 2025 am 12:19 AMInPython,youappendelementstoalistusingtheappend()method.1)Useappend()forsingleelements:my_list.append(4).2)Useextend()or =formultipleelements:my_list.extend(another_list)ormy_list =[4,5,6].3)Useinsert()forspecificpositions:my_list.insert(1,5).Beaware
How do you debug shebang-related issues?Apr 30, 2025 am 12:17 AMThe methods to debug the shebang problem include: 1. Check the shebang line to make sure it is the first line of the script and there are no prefixed spaces; 2. Verify whether the interpreter path is correct; 3. Call the interpreter directly to run the script to isolate the shebang problem; 4. Use strace or trusts to track the system calls; 5. Check the impact of environment variables on shebang.
How do you remove elements from a Python array?Apr 30, 2025 am 12:16 AMPythonlistscanbemanipulatedusingseveralmethodstoremoveelements:1)Theremove()methodremovesthefirstoccurrenceofaspecifiedvalue.2)Thepop()methodremovesandreturnsanelementatagivenindex.3)Thedelstatementcanremoveanitemorslicebyindex.4)Listcomprehensionscr
What data types can be stored in a Python list?Apr 30, 2025 am 12:07 AMPythonlistscanstoreanydatatype,includingintegers,strings,floats,booleans,otherlists,anddictionaries.Thisversatilityallowsformixed-typelists,whichcanbemanagedeffectivelyusingtypechecks,typehints,andspecializedlibrarieslikenumpyforperformance.Documenti
What are some common operations that can be performed on Python lists?Apr 30, 2025 am 12:01 AMPythonlistssupportnumerousoperations:1)Addingelementswithappend(),extend(),andinsert().2)Removingitemsusingremove(),pop(),andclear().3)Accessingandmodifyingwithindexingandslicing.4)Searchingandsortingwithindex(),sort(),andreverse().5)Advancedoperatio
How do you create multi-dimensional arrays using NumPy?Apr 29, 2025 am 12:27 AMCreate multi-dimensional arrays with NumPy can be achieved through the following steps: 1) Use the numpy.array() function to create an array, such as np.array([[1,2,3],[4,5,6]]) to create a 2D array; 2) Use np.zeros(), np.ones(), np.random.random() and other functions to create an array filled with specific values; 3) Understand the shape and size properties of the array to ensure that the length of the sub-array is consistent and avoid errors; 4) Use the np.reshape() function to change the shape of the array; 5) Pay attention to memory usage to ensure that the code is clear and efficient.
Explain the concept of 'broadcasting' in NumPy arrays.Apr 29, 2025 am 12:23 AMBroadcastinginNumPyisamethodtoperformoperationsonarraysofdifferentshapesbyautomaticallyaligningthem.Itsimplifiescode,enhancesreadability,andboostsperformance.Here'showitworks:1)Smallerarraysarepaddedwithonestomatchdimensions.2)Compatibledimensionsare
Explain how to choose between lists, array.array, and NumPy arrays for data storage.Apr 29, 2025 am 12:20 AMForPythondatastorage,chooselistsforflexibilitywithmixeddatatypes,array.arrayformemory-efficienthomogeneousnumericaldata,andNumPyarraysforadvancednumericalcomputing.Listsareversatilebutlessefficientforlargenumericaldatasets;array.arrayoffersamiddlegro
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
Video Face Swap
Swap faces in any video effortlessly with our completely free AI face swap tool!
Hot Article
Hot Tools
DVWA
Damn Vulnerable Web App (DVWA) is a PHP/MySQL web application that is very vulnerable. Its main goals are to be an aid for security professionals to test their skills and tools in a legal environment, to help web developers better understand the process of securing web applications, and to help teachers/students teach/learn in a classroom environment Web application security. The goal of DVWA is to practice some of the most common web vulnerabilities through a simple and straightforward interface, with varying degrees of difficulty. Please note that this software
VSCode Windows 64-bit Download
A free and powerful IDE editor launched by Microsoft
SublimeText3 Chinese version
Chinese version, very easy to use
SecLists
SecLists is the ultimate security tester's companion. It is a collection of various types of lists that are frequently used during security assessments, all in one place. SecLists helps make security testing more efficient and productive by conveniently providing all the lists a security tester might need. List types include usernames, passwords, URLs, fuzzing payloads, sensitive data patterns, web shells, and more. The tester can simply pull this repository onto a new test machine and he will have access to every type of list he needs.
mPDF
mPDF is a PHP library that can generate PDF files from UTF-8 encoded HTML. The original author, Ian Back, wrote mPDF to output PDF files "on the fly" from his website and handle different languages. It is slower than original scripts like HTML2FPDF and produces larger files when using Unicode fonts, but supports CSS styles etc. and has a lot of enhancements. Supports almost all languages, including RTL (Arabic and Hebrew) and CJK (Chinese, Japanese and Korean). Supports nested block-level elements (such as P, DIV),
