The age old question: How do i bypass a command prompt block? The common answer is Powershell, or failing that, a batch file. However, sysadmins are wising up to these tricks, so new exploits must be found!
In this scenario, take a heavily locked down school computer. Cmd and Powershell are blocked, as well as running batch files, however being a school computer, it likely has the python runtime installed, for CS lessons, and in here, we find the exploit. Now, no matter locked down a computer is, it's highly unlikely that a sysadmin would manually remove python packages, especially the ones that come with a fresh install. The "OS" module in particular has a lovely feature: ```os.system()`` This allows you to run arbitrary commands, even the completely visual: ``color``, which surprised me at first. You can see the tool for yourself here.
Thank you for reading!
[link] [comments]
from hacking: security in practice https://ift.tt/eth0HxJ
Comments
Post a Comment