Skip to content

Instantly share code, notes, and snippets.


adam adamczi

  • Poznań, PL
View GitHub Profile
adamczi /
Last active Nov 6, 2020
CVE-2020-1747 PyYAML PoC
# pyyaml==5.3 required. Vulnerability has been fixed in 5.3.1
# More: ret2libc's report in
# Explanation:
from yaml import *
with open('payload.yaml','rb') as f:
content =
data = load(content, Loader=FullLoader) # Using vulnerable FullLoader
You can’t perform that action at this time.