@inproceedings{8f4899d9387d47fd8ad5639bd14623f2,
title = "Pain Pickle: Bypassing Python Restricted Unpickler for Automatic Exploit Generation",
abstract = "Pickle is a built-in library in Python that can serialize and deserialize Python objects and data structures. However, the process of pickle deserialization has been confirmed as a hazardous operation. Marco Slaviero uncovered its dangerous vulnerability and proposed exploitation methods in BlackHat 2011. As a result, corresponding defense methods have also been generated. Restricting Globals was proposed in the official Python documentation as a defensive approach.We find that defense implementations are incorrect in some cases. Therefore, we conducted a large-scale analysis of 7543 open-source Python projects with more than 100 stars to find that 36 projects have implemented defense strategies. Among them, nine projects were not correctly implemented. Furthermore, we investigated the root causes of their failures for automatic exploit generation from these projects.",
keywords = "Application Security, Deserialization, Pickle, Python, Restricted Unpickler, Restricting Globals",
author = "Huang, {Nan Jung} and Huang, {Chih Jen} and Huang, {Shih Kun}",
note = "Publisher Copyright: {\textcopyright} 2022 IEEE.; 22nd IEEE International Conference on Software Quality, Reliability and Security, QRS 2022 ; Conference date: 05-12-2022 Through 09-12-2022",
year = "2022",
doi = "10.1109/QRS57517.2022.00111",
language = "English",
series = "IEEE International Conference on Software Quality, Reliability and Security, QRS",
publisher = "Institute of Electrical and Electronics Engineers Inc.",
pages = "1079--1090",
booktitle = "Proceedings - 2022 IEEE 22nd International Conference on Software Quality, Reliability and Security, QRS 2022",
address = "美國",
}