|
--- |
|
license: mit |
|
tags: |
|
- art |
|
--- |
|
# Text To Image |
|
Hi guys its retr0reg, I made this tool just for you (: |
|
This tool is safe and sound! |
|
* See there's no HF Warning and stuffs |
|
* and you can use it with out `Trust Remote Code` On! |
|
* https://0reg.dev is a fun website |
|
|
|
Hope You enjoy it! |
|
|
|
## Why I loaded this but nothing happend?! |
|
This is actually a PoC project for a patched huggingface/transformers vulnerability. |
|
In transformer's `transformers.load_tool` *(can be access via `from transformers import tools; tools.load_tool` or `transformers.load_tool`) with`Call-Chain`: `load_tool() -> Tool.from_hub() -> get_class_from_dynamic_module() -> get_class_in_module() -> importlib.import_module(module_path)`; the program will execute arbitrary Python Commands in a maliciously-built repo (without any `HuggingFace` Warnings in Hub and no `trust_remote_code` is required). Causing arbitrary OS Command execution or creating a Reverse-Shell connection or even starting a worm attack via `HuggingFace` Hub. |
|
|
|
+ Vulnerability Report: https://huntr.com/bounties/1da2a047-60cd-4e7d-b61e-bba31cdce418 |
|
+ PoC video: https://drv.0reg.dev/Personals/PoCs/Transformers/Transformer-RCE-load-tools.mp4 |
