Share
## https://sploitus.com/exploit?id=F12A9382-879E-54EA-83AC-8CAA76B21AF8
# PoC for cryptidy pickle deserialization RCE

๐Ÿšจ CVE PoC โ€” Unsafe pickle deserialization vulnerability in cryptidy

## ๐Ÿง  Summary

This repository contains a proof of concept (PoC) for a remote code execution (RCE) vulnerability in the `cryptidy` Python library. The library uses `pickle.loads` without input validation in `cryptidy/symmetric_encryption.py`, which allows an attacker to craft a malicious payload that, when deserialized, executes arbitrary code.

> โœ… CVE ID: (pending assignment by MITRE)

---

## โš ๏ธ Vulnerability Details

- **Library:** cryptidy (PyPI)
- **Affected Versions:** 1.2.4 (or "All versions up to current" if not confirmed)
- **Component:** `cryptidy/symmetric_encryption.py` โ€” vulnerable `decrypt_message()` (uses `pickle.loads`)
- **Vulnerability Type:** CWE-502: Deserialization of Untrusted Data
- **Attack Type:** Remote
- **Impact:** Remote Code Execution (RCE), Information Disclosure, Denial of Service, Privilege Escalation

### ๐Ÿ”“ Attack Vector

An attacker can provide malicious encrypted data that, when decrypted and passed to `pickle.loads`, executes arbitrary code. A PoC payload (`payload_malicioso.bin`) and a runner (`ejecutar_exploit.py`) are included for testing in a controlled environment.

---

## ๐Ÿงช Proof of Concept (PoC)

> Warning: The files included demonstrate an exploit. Do NOT run them on production systems or any system you don't own. Use a disposable VM or container.

### Included files

- `cve_report.md` โ€” Technical report (Spanish)
- `payload_malicioso.bin` โ€” Example malicious payload (binary)
- `ejecutar_exploit.py` โ€” Script to run the PoC locally (sanitized)
- `exploit.txt` โ€” Output log from PoC run
- `cve_hunter_advanced.log` โ€” Test logs

### โš ๏ธ Warning: Safe Payload
The file `payload_malicioso.bin` is included as part of the PoC. It is safe and only opens the calculator when executed. Do NOT use this file outside of a controlled environment. Verify its integrity using the following hash:

SHA256: [ICB03BD0BBED4F796146F0F508D1E8BFF37A3B64D43AE7CFEA21C232473F3FFC0]

The file `payload_malicioso_cifrado.b64` is included as part of the PoC. It is safe and only opens the calculator when executed. Do NOT use this file outside of a controlled environment. Verify its integrity using the following hash:

SHA256: [F7600DAE96C6C4139ABDAABD045B1D554D53F2D7E08C70A391B96116FF80CD47]

### Safe test instructions

1. Create a new disposable virtual environment or VM.
2. Do NOT expose this environment to the network.
3. Inspect `ejecutar_exploit.py` before running.
4. Run the PoC locally:

```bash
# create and activate venv
python -m venv venv
venv\Scripts\activate   # Windows PowerShell: venv\Scripts\Activate.ps1
pip install -r requirements.txt  # if any deps; otherwise run with system python

# run (only on isolated VM)
python ejecutar_exploit.py
```

---

## ๐Ÿ” Mitigation / Patch Recommendation

1. Avoid using `pickle` for untrusted input. Use safe formats such as JSON, or a vetted serialization library with explicit schemas.
2. If binary serialization is required, implement strict validation and restrict the set of permitted classes during deserialization (e.g., use `pickle.loads` with a safe unpickler or `dill` alternatives with restrictions).
3. Apply the principle of least privilege: ensure code that performs deserialization runs with minimal privileges.

Suggested quick fix (example):

```python
import pickle

def safe_load(data: bytes):
    # Prefer removing pickle entirely. If unavoidable, validate length/type and use restricted unpickling.
    assert isinstance(data, (bytes, bytearray))
    return pickle.loads(data)
```

Note: The best fix is to replace pickle with a safe format (JSON) and redesign APIs to avoid executing deserialized code.

---

## Credits

Discovered by Javier Morales
- GitHub: https://github.com/javiermorales36


---

## References

- Technical report: `cve_report.md`
- PoC files in this repository

For questions or coordination about responsible disclosure, open an issue or contact the maintainer.