RCE in Pyspider

Today i read one articles about exploit debug mode in Werkzeug. It old, but very interesting. When i try to find website in shodan, i found 30s website use pyspider. Pyspider is python opensource, you can download and install it from: https://github.com/binux/pyspider
It had one problem, it not authentication. Anyone can access.

When click to one process, you can go to debug mode. And you can edit python code. So, you can use it to run code execute. It is RCE.

This is my POC:
       import subprocess
        p = subprocess.Popen(["id","-m"], stdout=subprocess.PIPE)
        output, err = p.communicate()

Thanks for reading
Security Research
SecurityLab - Linux Lab -- Window and Cisco Lab
to be continued - I will update more.


Popular posts from this blog

Python - Multithread to read one file

An toàn thông tin ứng dụng Web

OpenCA tutorial