### PyYaml

https://pyyaml.org/wiki/PyYAMLDocumentation

### YAML Format

> title: Parrot Sketch  
actors:
    - first_name: John
    last_name: Cleese
    dob: 1939-10-27
    - first_name: Michael
    last_name: Palin
    dob: 1943-05-05    

Very human readable, the best

In [3]:
#pip install pyyaml

YAML uses pickle and unpickle, so you need to be careful! (can execute malicious code)

In [4]:
import yaml

In [10]:
data = '''
---
title: Parrot Sketch
actors:
    - first_name: John
      last_name: Cleese
      dob: 1939-10-27
    - first_name: Michael
      last_name: Palin
      dob: 1943-05-05    

'''

In [11]:
d = yaml.load(data)

  """Entry point for launching an IPython kernel.


In [12]:
type(d)

dict

In [13]:
d

{'title': 'Parrot Sketch',
 'actors': [{'first_name': 'John',
   'last_name': 'Cleese',
   'dob': datetime.date(1939, 10, 27)},
  {'first_name': 'Michael',
   'last_name': 'Palin',
   'dob': datetime.date(1943, 5, 5)}]}

In [14]:
d = {'a': 100, 'b': False, 'c': 10.5, 'd': [1, 2, 3]}

In [15]:
print(yaml.dump(d))

a: 100
b: false
c: 10.5
d:
- 1
- 2
- 3



In [17]:
print(yaml.dump(d, default_flow_style=True))

{a: 100, b: false, c: 10.5, d: [1, 2, 3]}



In [19]:
print(yaml.dump(d, default_flow_style=False))

a: 100
b: false
c: 10.5
d:
- 1
- 2
- 3



In [32]:
class Person:
    def __init__(self, name, age):
        self.name = name
        self.age = age
        
    def __repr__(self):
        return f'Person(name={self.name}, age={self.age})'

In [33]:
from datetime import date

p1 = Person('John Cleese', date(1939, 10, 27))
p2 = Person('Michael Palin', date(1934, 5, 5))

In [34]:
print(yaml.dump({'john': p1, 'michael': p2}))

john: !!python/object:__main__.Person
  age: 1939-10-27
  name: John Cleese
michael: !!python/object:__main__.Person
  age: 1934-05-05
  name: Michael Palin



In [35]:
yaml_data = '''
john: !!python/object:__main__.Person
  age: 1939-10-27
  name: John Cleese
michael: !!python/object:__main__.Person
  age: 1934-05-05
  name: Michael Palin
'''

In [36]:
yaml.load(yaml_data)

  """Entry point for launching an IPython kernel.


{'john': Person(name=John Cleese, age=1939-10-27),
 'michael': Person(name=Michael Palin, age=1934-05-05)}

In [37]:
yaml_data = '''
exec_paths:
    !!python/object/apply:os.get_exec_path []
exec_command:
    !!python/object/apply:subprocess.check_output [['ls', '/']]
'''

In [38]:
yaml.load(yaml_data)

  """Entry point for launching an IPython kernel.


ConstructorError: could not determine a constructor for the tag 'tag:yaml.org,2002:python/object/apply:os.get_exec_path'
  in "<unicode string>", line 3, column 5:
        !!python/object/apply:os.get_exe ... 
        ^

The above code block is an example of how you can exploit yaml

In [39]:
yaml.safe_load(yaml_data)

ConstructorError: could not determine a constructor for the tag 'tag:yaml.org,2002:python/object/apply:os.get_exec_path'
  in "<unicode string>", line 3, column 5:
        !!python/object/apply:os.get_exe ... 
        ^

It looks like safe load has been implemented as a default feature for loading with yaml (now)

In [40]:
yaml_data = '''
john: !!python/object:__main__.Person
  age: 1939-10-27
  name: John Cleese
michael: !!python/object:__main__.Person
  age: 1934-05-05
  name: Michael Palin
'''

In [41]:
yaml.safe_load(data)

{'title': 'Parrot Sketch',
 'actors': [{'first_name': 'John',
   'last_name': 'Cleese',
   'dob': datetime.date(1939, 10, 27)},
  {'first_name': 'Michael',
   'last_name': 'Palin',
   'dob': datetime.date(1943, 5, 5)}]}

In [42]:
from yaml import YAMLObject, SafeLoader

In [43]:
class Person(YAMLObject):
    yaml_tag = '!Person'
    def __init__(self, name, age):
        self.name = name
        self.age = age
        
    def __repr__(self):
        return f'Person(name={self.name}, age={self.age})'

In [46]:
print(yaml.dump(dict(john=Person('John Cleese', 79),
                michael=Person('Michael Palin', 74))))

john: !Person
  age: 79
  name: John Cleese
michael: !Person
  age: 74
  name: Michael Palin



In [47]:
yaml_data = '''
john: !Person
  age: 1939-10-27
  name: John Cleese
michael: !Person
  age: 1934-05-05
  name: Michael Palin
'''

In [48]:
yaml.load(yaml_data)

  """Entry point for launching an IPython kernel.


{'john': Person(name=John Cleese, age=1939-10-27),
 'michael': Person(name=Michael Palin, age=1934-05-05)}

In [50]:
yaml.safe_load(yaml_data)

ConstructorError: could not determine a constructor for the tag '!Person'
  in "<unicode string>", line 2, column 7:
    john: !Person
          ^

In [51]:
class Person(YAMLObject):
    yaml_tag = '!Person'
    yaml_loader = SafeLoader
    
    def __init__(self, name, age):
        self.name = name
        self.age = age
        
    def __repr__(self):
        return f'Person(name={self.name}, age={self.age})'

In [52]:
yaml_data = '''
john: !Person
  age: 1939-10-27
  name: John Cleese
michael: !Person
  age: 1934-05-05
  name: Michael Palin
'''

In [53]:
yaml.load(yaml_data)

  """Entry point for launching an IPython kernel.


{'john': Person(name=John Cleese, age=1939-10-27),
 'michael': Person(name=Michael Palin, age=1934-05-05)}

In [54]:
yaml.safe_load(yaml_data)

{'john': Person(name=John Cleese, age=1939-10-27),
 'michael': Person(name=Michael Palin, age=1934-05-05)}

But if we have a hack in here...

In [55]:
yaml_data = '''
john: !Person
  age: 1939-10-27
  name: John Cleese
michael: !Person
  age: 1934-05-05
  name: Michael Palin
exec_paths:
    !!python/object/apply:os.get_exec_path []
exec_command:
    !!python/object/apply:subprocess.check_output [['ls', '/']]
'''

In [56]:
yaml.load(yaml_data)

  """Entry point for launching an IPython kernel.


ConstructorError: could not determine a constructor for the tag 'tag:yaml.org,2002:python/object/apply:os.get_exec_path'
  in "<unicode string>", line 9, column 5:
        !!python/object/apply:os.get_exe ... 
        ^

It doesnt work because new yaml is good.

In [57]:
yaml.safe_load(yaml_data)

ConstructorError: could not determine a constructor for the tag 'tag:yaml.org,2002:python/object/apply:os.get_exec_path'
  in "<unicode string>", line 9, column 5:
        !!python/object/apply:os.get_exe ... 
        ^