This exploit leverages Python's untrusted search path vulnerability to execute arbitrary code when `help('modules')` is called. It demonstrates the vulnerability by creating a malicious `test.py` script in the current directory, which executes a shell command to modify `/root/.ssh/authorized_keys` and change permissions of `/usr/bin/nmap`.
Classification
Working Poc 95%
Target:
Python 2.7.2 and Python 3.2.1
No auth needed
Prerequisites:
Ability to place a malicious `test.py` script in the target directory · Victim must execute `help('modules')` in Python