Share
## https://sploitus.com/exploit?id=4AA60827-D3D1-5E3E-A866-9F15E21AFC63
# CVE-2025-4517 โ€” Python tarfile filter="data" Bypass (PoC)

> Path traversal vulnerability in Python's `tarfile` module affecting versions 3.8.0 through 3.13.1. The `filter="data"` sandbox โ€” intended to prevent unsafe extractions โ€” can be bypassed by crafting paths that exceed `PATH_MAX` (4096 bytes), causing `os.path.realpath()` to silently stop resolving symlinks. The security check sees a safe-looking path while the kernel resolves the real one, allowing writes outside the extraction directory. This PoC abuses the bypass to write an SSH public key to `/root/.ssh/authorized_keys`.

---

## How it works

1. Builds a malicious tar with deeply nested directories (247-char names) that push symlink paths beyond `PATH_MAX`.
2. `filter="data"` calls `os.path.realpath()` to validate each path โ€” but at `PATH_MAX` it stops resolving and sees the path as still inside the staging directory. Check passes.
3. The kernel resolves the full path correctly during extraction, escaping the sandbox.
4. A regular file is written through the escaped symlink chain, landing in `/root/.ssh/authorized_keys`.
5. SSH access as root is verified with the injected key.

## Requirements

- Python 3
- `ssh-keygen` available (or provide your own public key with `-k`)
- Write access to the backup directory used by the vulnerable script
- `sudo` rights to trigger the vulnerable extraction

## Usage

```bash
# Generate a new keypair automatically
python3 exploit.py

# Use an existing public key
python3 exploit.py -k ~/.ssh/id_ed25519.pub
```

**Example:**

```
$ python3 exploit.py
[+] SSH keypair generated: /tmp/cve_2025_4517_key
[*] Creating exploit tar...
[+] Exploit tar created: /tmp/cve_2025_4517_exploit.tar
[*] Deploying exploit to: /opt/backup_clients/backups/backup_9999.tar
[+] Exploit deployed successfully
[*] Triggering extraction via vulnerable script...
[+] Extraction completed
[*] Verifying exploit via SSH...
[+] SUCCESS! SSH as root confirmed: uid=0(root) gid=0(root) groups=0(root)

============================================================
[+] EXPLOITATION SUCCESSFUL!
[+] SSH into root with: ssh -i /tmp/cve_2025_4517_key root@localhost
============================================================

[?] Open root shell now? (y/n):
```

## References

- [CVE-2025-4517](https://nvd.nist.gov/vuln/detail/CVE-2025-4517)
- [Python tarfile documentation โ€” extraction filters](https://docs.python.org/3/library/tarfile.html#tarfile-extraction-filter)
- [Python Security Advisory](https://mail.python.org/archives/list/security-announce@python.org/)

## Credits

- **Discovery:** Python Security Response Team
- **Cleanup & simplification:** [Esteban Zรกrate](https://github.com/estebanzarate)