Researcher Finds Class Pollution – A Prototype Pollution Variant Affecting Python

A security researcher found a serious prototype pollution vulnerability in Python programming language. Exploiting the flaw results in app crashes, potentially allowing other impacts too.

Prototype Pollution Variant Found In Python

An independent security researcher, Abdulraheem Khaled, recently shared details about a prototype pollution vulnerability affecting Python.

Prototype pollution is a vulnerability common to JavaScript programming language, allowing attackers to meddle with existing prototypes. An attacker may inject values in the prototype of a base object (“polluting” the prototype) to disrupt the other objects, ultimately compromising the application. Such exploits can lead to various impacts, from denial of service to remote code execution.

In his blog post, Khaled explained that most prototype pollution vulnerabilities are often reported for JavaScript apps. And other class-based languages, such as Python, seem immune to such vulnerabilities.

However, Khaled elaborated on how he could observe prototype pollution variants in Python, where the flaw typically exists in polluting the modifiable attribute “_class_” in objects.

As stated in his post,

From an attacker’s perspective, we are interested more in attributes that we can override/overwrite to be able to exploit this vulnerability rather than the magic methods. As our input will always be treated as data (str, int, etc..) and not actual code to be evaluated. Therefore, if we try to overwrite any of the magic methods, it will lead to crashing the application when trying to invoke that method, as data such as strings can’t be executed.

Briefly, to demonstrate the flaw that he called “class pollution,” the researcher created an instance of Employee class – an empty class and then attempted to pollute it in a way to pollute the parent class as well. For this, he set the __qualname__ attribute inside __class__ to a string and then polluted the __base__ attribute. Eventually, it allowed him to pollute the parent Employee class. That’s how an adversary may pollute any parent class.

The researcher explained that Python applies some restrictions on modifying the object class attributes – the parent class of all classes. Therefore, an attacker must proceed accordingly, exploiting the unsafe merge functions, to achieve class pollution in Python.

What Next?

For now, the researcher confirmed having found no full exploit with an impact other than DoS. Nonetheless, he believes that an adversary may leverage the flaw to achieve various other results, such as overwriting the secret key in the Flask web app for signing sessions, or path hijacking.

Let us know your thoughts in the comments.

Related posts

Water Facilities Must Secure Exposed HMIs – Warns CISA

Microsoft December Patch Tuesday Arrived With 70+ Bug Fixes

NachoVPN Attack Risks Corporate VPN Clients