CVE-2020-14343: PyYAML unsafe loader
This exercise covers how you can gain code execution when an application uses a vulnerable version of PyYAML and relies on load().
This course provides an in-depth look at the CVE-2020-14343 vulnerability in the PyYAML library, which can be used to gain code execution. It begins by explaining the changes in the way YAML.load() works in Python and how it led to the vulnerability due to the shift from safe_load() to load(). The course then guides you through building a YAML payload to exploit this issue, referencing previous challenges such as Code Execution 07 from the Essential Badge for additional insights.
The video transcript complements the course content by walking through a practical example, where you submit a crafted YAML file to a server. It details the steps to create an exploit file, import necessary libraries inline, and execute system commands through Python's eval function. By the end of the course, you will have hands-on experience in forging your own exploit to achieve code execution on a server.
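
A defender's view of the reliance on load() described above, as an added example that is not part of the original course material: a standard-library-only check that flags PyYAML calls in Python source that are not pinned to a safe loader. The function names, the module_alias parameter and the SAMPLE source are constructed for illustration.

```python
import ast

# Loaders that only build plain YAML types (no arbitrary Python objects).
SAFE_LOADERS = {"SafeLoader", "CSafeLoader", "BaseLoader", "CBaseLoader"}
LOADER_FUNCS = {"load", "load_all"}  # entry points that take a Loader
RISKY_FUNCS = {"full_load", "full_load_all", "unsafe_load", "unsafe_load_all"}


def _loader_name(call):
    """Name of the Loader given to yaml.load(), keyword or 2nd positional."""
    node = call.args[1] if len(call.args) >= 2 else None
    for kw in call.keywords:
        if kw.arg == "Loader":
            node = kw.value
    if node is None:
        return "<omitted>"
    if isinstance(node, ast.Attribute):
        return node.attr
    return node.id if isinstance(node, ast.Name) else "<dynamic>"


def find_unsafe_yaml_calls(source, module_alias="yaml"):
    """Return (line, function, loader) for each call needing review."""
    findings = []
    for node in ast.walk(ast.parse(source)):
        if not (isinstance(node, ast.Call) and isinstance(node.func, ast.Attribute)):
            continue
        base = node.func.value
        if not (isinstance(base, ast.Name) and base.id == module_alias):
            continue
        func = node.func.attr
        if func in RISKY_FUNCS:
            findings.append((node.lineno, func, "<implied>"))
        elif func in LOADER_FUNCS and _loader_name(node) not in SAFE_LOADERS:
            findings.append((node.lineno, func, _loader_name(node)))
    return sorted(findings, key=lambda f: f[0])


# Constructed sample source; request_body stands for untrusted input.
SAMPLE = '''\
import yaml
a = yaml.load(request_body)
b = yaml.load(request_body, Loader=yaml.FullLoader)
c = yaml.load(request_body, Loader=yaml.SafeLoader)
d = yaml.safe_load(request_body)
e = yaml.full_load(request_body)
'''

if __name__ == "__main__":
    for lineno, func, loader in find_unsafe_yaml_calls(SAMPLE):
        print(f"line {lineno}: yaml.{func}() with Loader={loader}")
```

A loader passed through a variable is reported as <dynamic> because its value cannot be resolved statically, so those findings need manual review.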