mirror of
https://github.com/elicpeter/nyx.git
synced 2026-06-09 19:45:13 +02:00
12 lines
281 B
Python
12 lines
281 B
Python
|
"""Phase 03 (Track J.1) — Python deserialize vuln fixture.
|
||
|
|
|
||
|
|
`pickle.loads` accepts arbitrary classes; a gadget chain inside the
|
||
|
|
payload runs straight through `__reduce__` without bumping into any
|
||
|
|
allowlist.
|
||
|
|
"""
|
||
|
|
import pickle
|
||
|
|
|
||
|
|
|
||
|
|
def run(blob: bytes):
|
||
|
|
return pickle.loads(blob)
|