mirror of
https://github.com/swisskyrepo/PayloadsAllTheThings.git
synced 2024-12-24 05:15:26 +00:00
commit
2c10b28976
@ -43,6 +43,16 @@ state: !!python/tuple
|
|||||||
update: !!python/name:exec
|
update: !!python/name:exec
|
||||||
```
|
```
|
||||||
|
|
||||||
|
Since PyYaml version 6.0, the default loader for ```load``` has been switched to SafeLoader mitigating the risks against Remote Code Execution.
|
||||||
|
[PR fixing the vulnerabily](https://github.com/yaml/pyyaml/issues/420)
|
||||||
|
|
||||||
|
The vulnerable sinks are now ```yaml.unsafe_load``` and ```yaml.load(input, Loader=yaml.UnsafeLoader)```
|
||||||
|
|
||||||
|
```
|
||||||
|
with open('exploit_unsafeloader.yml') as file:
|
||||||
|
data = yaml.load(file,Loader=yaml.UnsafeLoader)
|
||||||
|
```
|
||||||
|
|
||||||
## Ruamel.yaml
|
## Ruamel.yaml
|
||||||
|
|
||||||
## Ruby
|
## Ruby
|
||||||
@ -86,4 +96,4 @@ state: !!python/tuple
|
|||||||
* [YAML Deserialization Attack in Python - Manmeet Singh & Ashish Kukret - November 13][https://www.exploit-db.com/docs/english/47655-yaml-deserialization-attack-in-python.pdf]
|
* [YAML Deserialization Attack in Python - Manmeet Singh & Ashish Kukret - November 13][https://www.exploit-db.com/docs/english/47655-yaml-deserialization-attack-in-python.pdf]
|
||||||
* [PyYAML Documentation](https://pyyaml.org/wiki/PyYAMLDocumentation)
|
* [PyYAML Documentation](https://pyyaml.org/wiki/PyYAMLDocumentation)
|
||||||
* [Blind Remote Code Execution through YAML Deserialization - 09 JUNE 2021](https://blog.stratumsecurity.com/2021/06/09/blind-remote-code-execution-through-yaml-deserialization/)
|
* [Blind Remote Code Execution through YAML Deserialization - 09 JUNE 2021](https://blog.stratumsecurity.com/2021/06/09/blind-remote-code-execution-through-yaml-deserialization/)
|
||||||
* [[CVE-2019-20477]- 0Day YAML Deserialization Attack on PyYAML version <= 5.1.2 - @_j0lt](https://thej0lt.com/2020/06/21/cve-2019-20477-0day-yaml-deserialization-attack-on-pyyaml-version/)
|
* [[CVE-2019-20477]- 0Day YAML Deserialization Attack on PyYAML version <= 5.1.2 - @_j0lt](https://thej0lt.com/2020/06/21/cve-2019-20477-0day-yaml-deserialization-attack-on-pyyaml-version/)
|
||||||
|
Loading…
Reference in New Issue
Block a user