Sour Pickles

Black Hat USA 2011

Presented by: Marco Slaviero
Date: Thursday August 04, 2011
Time: 11:15 - 12:30
Location: Roman
Track: Web Hacking

Python's Pickle module provides a known capability for running arbitrary Python functions and, by extension, permitting remote code execution. However, there is no public Pickle exploitation guide, and published exploits are toy examples only.

This talk is a deep dive into Pickle exploitation and is useful after a vulnerability has been discovered; our focus is on steps to be taken once a bug has been found, not on finding new bugs. We describe the Pickle environment, outline numerous hurdles facing the discerning shellcoder and provide guidelines for writing Pickle shellcode. A survey of public Python code was undertaken to establish the prevalence of the vulnerability, and templates for shellcode writing, as well as a shellcode library, will be released.

In the presentation we will demonstrate a new set of tools used to generate exploits for insertion into a wide range of hapless pickles, including generic exploits as well as framework-specific exploits for Django and AppEngine.

Marco Slaviero

Marco Slaviero is an associate at SensePost where he heads up the SensePost Labs team (current headcount: 1). He harbours a personal dislike for figs.

