Pickle Code Execution

Bookmarked!

This exercise covers the exploitation of Python's pickle when used to deserialize untrusted data

PRO Medium < 1 Hr. 6501 White Badge

Course

Make sure you give at least 512MB of RAM to this VM!

This lab covers the serialization and deserialization of objects using Python's Pickle library, demonstrating how malicious manipulation of serialized data can lead to code execution vulnerabilities. You'll explore how to create and inject a malicious Pickle object to gain remote code execution in a web application.

Skills covered

Injection Authentication Operating System

Included with PRO

Full course content 4 videos Common mistakes

Ready to practice?

Get access to this lab and 600+ hands-on exercises with a PRO subscription.

Go PRO or create a free account