manja316
/

modelscan-xmlrpc-ssrf-test

Model card Files Files and versions

modelscan-xmlrpc-ssrf-test / README.md

manja316's picture

Upload README.md with huggingface_hub

9baa94d verified about 1 month ago

|

history blame contribute delete

419 Bytes

	---
	license: mit
	---

	# ModelScan Bypass PoC — xmlrpc.client.ServerProxy SSRF

	Security research — responsible disclosure via Huntr MFV program.

	This model file demonstrates a bypass of ProtectAI's modelscan scanner.
	The pickle payload uses `xmlrpc.client.ServerProxy` to establish outbound
	XML-RPC connections to attacker-controlled servers.

	## DO NOT load these files with pickle.load() outside a sandbox.