Skip to content
master
Switch branches/tags
Go to file
Code

Latest commit

 

Git stats

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
 
 
 
 

README.md

C/C++/Perl/Ruby/Python 2/Python 3 polyglot

A few days ago a tweet of @takesako got me thinking. He created a very clever C/C++/Perl/Ruby/Python code polyglot, that will run no matter if it is compiled with a C or C++ compiler first and then run or passed to a Ruby, Perl or Python 2 interpreter directly. His tweet can be found in original.c in this repository and a compile.sh that runs it.

The first improvement I wanted to do was make it run under Python 2 and 3, as his PoC only works for Python 2. That was pretty easy, simply replacing print'Python' with print('Python'). You can find that version in the python_2_and_3_improvement folder.

The next thing was a little bit more tricky. As I am currently developing a Burp Proxy extension that is able to test HTTP-based file upload forms, I was looking for a file that would interact with an attacker defined server (a DNS query and if possible HTTP request) in all those languages. So I created a file that would do at least a DNS query to a subdomain of example.burpcollaborator.net. Later on I realized that it won't be super helpful, as we will probably still need to upload that file with all the different file extensions (e.g. .pl or .py) and content types (e.g. text/x-python) to detect issues, but it was a very nice little challenge.

About

A programming language polylgot originally by @takesako

Resources

Releases

No releases published

Packages

No packages published