Picklescan Exfiltration Vulnerability via DNS after Deserialization

Vulnerability

A vulnerability in Picklescan versions prior to 0.0.25 allows for the exfiltration of sensitive data through DNS after deserializing malicious pickle files. The issue arises because the 'ssl' module is not properly blacklisted, enabling the use of 'ssl.get_server_certificate' to leak information. Exploitation involves reading local files with 'linecache', encoding the data for DNS transfer, and resolving it via a crafted domain, effectively sending the extracted information to an attacker-controlled location.

Impact

This vulnerability could lead to unauthorized data exfiltration, allowing attackers to access sensitive information such as file contents, secrets, or credentials.

Reproduction

The vulnerability can be reproduced by creating a pickle payload that bypasses Picklescan's static analysis. This payload should use the 'linecache' module to read sensitive files, encode the data for DNS exfiltration, and then use 'ssl.get_server_certificate' to leak the information to an attacker-controlled domain. Once the payload is crafted, it can be loaded and executed, triggering the data exfiltration process.

Remediation

Users can update to Picklescan version 0.0.25 or later to address this vulnerability.
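The root cause above is a denylist that did not list a module. As an added example (not Picklescan's code; the two module lists and the sample pickles are constructed for illustration), the scan below extracts every import a pickle would perform without loading it, and shows the same file passing a denylist that omits `ssl` while failing an allowlist.

```python
import collections
import linecache
import pickle
import pickletools
import ssl

# Constructed lists for illustration only; neither is Picklescan's real list.
DENYLIST = {"os", "subprocess", "socket", "builtins"}  # no 'ssl', no 'linecache'
ALLOWLIST = {"collections"}
STRING_OPS = {"UNICODE", "BINUNICODE", "SHORT_BINUNICODE", "BINUNICODE8"}
MEMO_WRITES = {"PUT", "BINPUT", "LONG_BINPUT", "MEMOIZE"}

def imported_globals(data):
    """List (module, name) pairs a pickle would import, without loading it."""
    found, prev = [], []
    for op, arg, _pos in pickletools.genops(data):
        if op.name in MEMO_WRITES:
            continue  # memo writes do not change the stack
        if op.name in ("GLOBAL", "INST"):
            found.append(tuple(arg.split(" ", 1)))
        elif op.name == "STACK_GLOBAL":
            last = prev[-2:]
            if len(last) == 2 and all(n in STRING_OPS for n, _ in last):
                found.append((last[0][1], last[1][1]))
            else:
                found.append((None, None))  # cannot resolve statically
        prev.append((op.name, arg))
    return found

def denylist_hits(data, denied=DENYLIST):
    """Denylist scan: flags only modules someone remembered to list."""
    return [g for g in imported_globals(data)
            if g[0] is not None and g[0].split(".")[0] in denied]

def allowlist_violations(data, allowed=ALLOWLIST):
    """Allowlist scan: flags anything not approved, including unresolved."""
    return [g for g in imported_globals(data)
            if g[0] is None or g[0].split(".")[0] not in allowed]

# Constructed samples: these pickles only reference functions, nothing is called.
SUSPECT = pickle.dumps((linecache.getline, ssl.get_server_certificate), protocol=4)
BENIGN = pickle.dumps(collections.OrderedDict(a=1), protocol=4)

if __name__ == "__main__":
    print("denylist :", denylist_hits(SUSPECT))
    print("allowlist:", allowlist_violations(SUSPECT))
    print("benign   :", allowlist_violations(BENIGN))
```

Unresolved `STACK_GLOBAL` targets are treated as violations so that the scan fails closed when it cannot determine what would be imported.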

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 2.5
exploitability: 6.0
remediation: 7.7
relevance: 0.0
threat: 6.4
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.