Add README explaining the PoC
Browse files
README.md
ADDED
|
@@ -0,0 +1,31 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 1 |
+
---
|
| 2 |
+
tags:
|
| 3 |
+
- security-research
|
| 4 |
+
- vulnerability-poc
|
| 5 |
+
---
|
| 6 |
+
|
| 7 |
+
# msgpack-numpy RCE PoC (CWE-502)
|
| 8 |
+
|
| 9 |
+
**DO NOT LOAD THIS FILE IN AN UNCONTROLLED ENVIRONMENT**
|
| 10 |
+
|
| 11 |
+
This repository contains a proof-of-concept `.msgpack` file that demonstrates arbitrary code execution via `msgpack_numpy.unpackb()`.
|
| 12 |
+
|
| 13 |
+
## Vulnerability
|
| 14 |
+
|
| 15 |
+
`msgpack_numpy.decode()` at line 99-100 calls `pickle.loads(obj[b'data'])` with zero validation when `obj[b'kind'] == b'O'`. An attacker who distributes a crafted `.msgpack` file causes any victim process that loads it with `msgpack_numpy.unpackb()` to execute arbitrary code.
|
| 16 |
+
|
| 17 |
+
## Reproduction
|
| 18 |
+
|
| 19 |
+
```python
|
| 20 |
+
import msgpack_numpy
|
| 21 |
+
import msgpack
|
| 22 |
+
|
| 23 |
+
data = open("malicious.msgpack", "rb").read()
|
| 24 |
+
msgpack_numpy.unpackb(data, raw=False) # RCE triggers here
|
| 25 |
+
# Creates /tmp/msgpack-rce-proof.txt with content "EXPLOITED"
|
| 26 |
+
```
|
| 27 |
+
|
| 28 |
+
## Affected
|
| 29 |
+
- msgpack-numpy 0.4.8 (latest, all versions affected)
|
| 30 |
+
- 842,000 monthly PyPI downloads
|
| 31 |
+
- Unmaintained since July 2024
|