| --- |
| license: mit |
| tags: |
| - security-research |
| - modelscan-bypass |
| --- |
| |
| # ModelScan Bypass: code.InteractiveConsole RCE |
|
|
| **Security research PoC** — demonstrates modelscan scanner bypass via `code.InteractiveConsole` + `operator.methodcaller`. |
|
|
| ## DO NOT LOAD THESE FILES |
| The pickle files in this repository contain code execution payloads for security research purposes only. |
|
|
| ## Details |
| - `code` module not in modelscan blocklist |
| - `operator.methodcaller` not blocked (only `attrgetter` is) |
| - Chain: `methodcaller('push', payload)(InteractiveConsole())` → full RCE |
| - Tested on modelscan 0.7.6 and 0.8.8 — both report 0 issues |
|
|
