Python validating sql parser
There are plenty more examples of how to exploit pickle.
Never unpickle data from an untrusted or unauthenticated source.
Basically, the idea is that you can do referential entities in XML, so when your unassuming XML parser tries to load this XML file into memory it consumes gigabytes of RAM.
Try it out if you don’t believe me :-)

Another attack uses external entity expansion.
Use another serialization pattern instead, like JSON.
Most POSIX systems come with a version of Python 2. Since “Python”, i.e. CPython, is written in C, there are times when the Python interpreter itself has holes.
Because of the variable latency involved in most web applications, it’s pretty much impossible to write a timing attack against HTTP web servers.
But, if you have a command-line application that prompts for the password, an attacker can write a simple script to time how long it takes to compare their value with the actual secret. There are some impressive examples such as this SSH-based timing attack written in Python if you want to see how they work.
Command injection is any time you’re calling a process using popen, subprocess or os.system and building its arguments from variables.
Here are my top 10 common gotchas in Python applications.
Injection attacks are broad and really common and there are many types of injection.
They impact all languages, frameworks and environments.
SQL injection is where you’re writing SQL queries directly instead of using an ORM and mixing your string literals with variables.
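As an added example (not code from the original article), here is the interpolated query beside its parameterized form, run against a constructed in-memory SQLite table; the table, the `users` schema and the probe string are assumptions made for the demonstration:

```python
import sqlite3


def make_db():
    # Constructed sample data; not from the original page.
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (name TEXT, role TEXT)")
    conn.executemany(
        "INSERT INTO users VALUES (?, ?)",
        [("alice", "admin"), ("bob", "user"), ("carol", "user")],
    )
    return conn


def lookup_unsafe(conn, name):
    # The gotcha: a string literal is mixed with a variable, so whatever the
    # caller passes becomes part of the SQL text the engine parses.
    query = "SELECT name, role FROM users WHERE name = '%s'" % name
    return conn.execute(query).fetchall()


def lookup_safe(conn, name):
    # The fix: the driver binds the value separately from the SQL text, so the
    # value is compared as data and never parsed as SQL.
    query = "SELECT name, role FROM users WHERE name = ?"
    return conn.execute(query, (name,)).fetchall()


def demo():
    conn = make_db()
    # Constructed probe input: a quote that closes the literal, followed by a
    # tautology. It shows how the two functions diverge on the same input.
    probe = "x' OR '1'='1"
    return {
        "unsafe": lookup_unsafe(conn, probe),  # every row comes back
        "safe": lookup_safe(conn, probe),      # no row has that literal name
        "safe_alice": lookup_safe(conn, "alice"),
    }


if __name__ == "__main__":
    for label, rows in demo().items():
        print(label, rows)
```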