You need to agree to share your contact information to access this model

This repository is publicly accessible, but you have to accept the conditions to access its files and content.

Log in or Sign Up to review the conditions and access this model content.

YAML Metadata Warning:empty or missing yaml metadata in repo card

Check out the documentation for more information.

PoC: Keras Scan -> save_model overwrite

Files

  • mal_scan_overwrite_keras.keras: malicious uploaded model file
  • poc.py: reproduction script
  • uild_poc_model.py: rebuilds the malicious file from source logic
  • SUBMISSION_TITLE.txt: title to paste into Huntr
  • SUBMISSION_DESCRIPTION.md: description to paste into Huntr

Reproduction

ash pip install keras tensorflow-cpu python poc.py

Expected output includes: ext LOAD_EXCEPTION TypeError TARGET_EXISTS True TARGET_SIZE 7111 TARGET_RELOAD_TYPE Dense TARGET_RELOAD_CLASS Dense

The PoC is self-contained. It automatically creates the target file ( arget_valid_overwritten.keras) locally before loading the malicious model.

Downloads last month
3
Inference Providers NEW
This model isn't deployed by any Inference Provider. 🙋 Ask for provider support