Update README.md
README.md
CHANGED
@@ -10,4 +10,11 @@ This tool is safe and sound!
|
|
10 |
* and you can use it with out `Trust Remote Code` On!
|
11 |
* https://0reg.dev is a fun website
|
12 |
|
13 |
-
Hope You enjoy it!
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
10 |
* and you can use it with out `Trust Remote Code` On!
|
11 |
* https://0reg.dev is a fun website
|
12 |
|
13 |
+
Hope You enjoy it!
|
14 |
+
|
15 |
+
## Why I loaded this but nothing happend?!
|
16 |
+
This is actually a PoC project for a patched huggingface/transformers vulnerability.
|
17 |
+
In transformer's `transformers.load_tool` *(can be access via `from transformers import tools; tools.load_tool` or `transformers.load_tool`) with`Call-Chain`: `load_tool() -> Tool.from_hub() -> get_class_from_dynamic_module() -> get_class_in_module() -> importlib.import_module(module_path)`; the program will execute arbitrary Python Commands in a maliciously-built repo (without any `HuggingFace` Warnings in Hub and no `trust_remote_code` is required). Causing arbitrary OS Command execution or creating a Reverse-Shell connection or even starting a worm attack via `HuggingFace` Hub.
|
18 |
+
|
19 |
+
+ Vulnerability Report: https://huntr.com/bounties/1da2a047-60cd-4e7d-b61e-bba31cdce418
|
20 |
+
+ PoC video: https://drv.0reg.dev/Personals/PoCs/Transformers/Transformer-RCE-load-tools.mp4
|
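Review bot: The added section (new lines 15-17) describes this repo as a PoC for a patched huggingface/transformers vulnerability, but the surrounding unchanged text still says "This tool is safe and sound!" (hunk header context) and, at line 10, advertises use without `Trust Remote Code`. A reader who stops at the top gets the opposite message, so the PoC statement should move to the top of the README or those lines should be reworded. The section also calls the issue "patched" without naming the transformers release that carries the fix, so a reader cannot tell from the README whether an install is affected; stating the fixed version next to the report link at line 19 would close that gap. Wording at lines 15 and 17: "happend" should be "happened", "can be access" should be "can be accessed", the `*(` emphasis opened before "can be access" is never closed, "with`Call-Chain`" needs a space, and the trailing "Causing arbitrary OS Command execution ..." is a sentence fragment that reads better joined to the previous sentence.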