Hacking Flask Applications. Executing arbitrary commands using the… | by Vickie Li | The Startup | Medium
python flask debugger pin, find and exploit
NahamCon 2021 CTF: Workerbee. This was a Hard challange with only 19… | by Westar | Medium
NorzhCTF 2021 Writeups – rainbowpigeon
django-extensions/runserver_plus.rst at main · django-extensions/django-extensions · GitHub
Werkzeug has a debug console that requires a pin. It's possible to bypass this with an LFI vulnerability or use it as a local privilege escalation vector. | PythonRepo
werkzeug - HackTricks - Boitatech
GitHub - wdahlenburg/werkzeug-debug-console-bypass: Werkzeug has a debug console that requires a pin. It's possible to bypass this with an LFI vulnerability or use it as a local privilege escalation vector.
Z0ldyck on Twitter: "The console name is Werkzeug, if we look into the source code we can see how the pin number is generated. So we need to get uuid.getnode() which is
Flask debug pin安全问题- Kingkk's Blog
Flask debug模式下的PIN 码安全性- 先知社区
GitHub - grav3m1nd-byte/werkzeug-pin: Yet another Werkzeug Console Pin Exploit Explanation
How an attack would use an open flask console page to easily get code execution : r/flask