subprocess module call
Medium
- Category
- Dangerous Code Execution
- Content
def _get_mac_from_arp(self, ip): """Try to get MAC address from system ARP table""" try: output = subprocess.check_output(f"arp -a {ip}", shell=True).decode('gbk', errors='ignore') match = re.search(r'([0-9a-fA-F]{2}[:-]){5}([0-9a-fA-F]{2})', output) if match: return match.group(0).replace('-', ':').lower()- Confidence
- 98% confidence
- Finding
- output = subprocess.check_output(f"arp -a {ip}", shell=True).decode('gbk', errors='ignore')
