Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(dev): jinja a sandbox breakout through malicious filenames #642

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

fix(dev): jinja a sandbox breakout through malicious filenames #642

wants to merge 1 commit into from

Conversation

odaysec
Copy link

@odaysec odaysec commented Feb 27, 2025

A bug in the Jinja compiler allows an attacker that controls both the content and filename of a template to execute arbitrary Python code, regardless of if Jinja's sandbox is used. To exploit the vulnerability, an attacker needs to control both the filename and the contents of a template. Whether that is the case depends on the type of application using Jinja. This vulnerability impacts users of applications which execute untrusted templates where the template author can also choose the template filename.

The root cause of this vulnerability lies in how Jinja's compiler handles template filenames during the compilation process. When an attacker can influence both the filename and the content of a template, they can craft malicious inputs that Jinja fails to sanitize properly. This failure leads to the execution of arbitrary code within the application's context.

Vulnerable Code

from jinja2 import Environment, FileSystemLoader

def render_template(template_name, context):
    env = Environment(loader=FileSystemLoader('/path/to/templates'))
    template = env.get_template(template_name)
    return template.render(context)

In this scenario, if an attacker can control the template_name and the contents of the template, they can introduce malicious code that Jinja will execute during rendering.

Exploit Code and Proof of Concept

To demonstrate the exploitation of this vulnerability, consider the following proof of concept:

  1. Malicious Template Creation: The attacker crafts a template with the following content and saves it with a filename they
{% set os = __import__('os') %}
{{ os.system('id') }}
  1. Template Upload: The attacker uploads this template to the application, ensuring that both the filename and content are under their control.
  2. Triggering the Exploit: When the application renders this template, the payload executes the id command on the server, exposing sensitive information.
  3. Create the Malicious Template Save the following content in a file named malicious_template.html:
{% set os = __import__('os') %}
{{ os.system('id') }}

Observe that the application executes the id command, demonstrating arbitrary code execution.

CVE-2024-56201 highlights the critical importance of validating both the sources and contents of templates in web applications. By understanding the mechanics of this vulnerability and implementing the recommended mitigations, developers can safeguard their applications against potential exploitation.
CWE-150

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@odaysec