---
license: mit
tags:
- art
---
# Text To Image
Hi guys its retr0reg, I made this tool just for you (:
This tool is safe and sound! 
* See there's no HF Warning and stuffs
* and you can use it with out `Trust Remote Code` On!
* https://0reg.dev is a fun website
 
Hope You enjoy it!

## Why I loaded this but nothing happend?!
This is actually a PoC project for a patched huggingface/transformers vulnerability.
In transformer's `transformers.load_tool` *(can be access via `from transformers import tools; tools.load_tool` or `transformers.load_tool`) with`Call-Chain`: `load_tool() -> Tool.from_hub() -> get_class_from_dynamic_module() -> get_class_in_module() -> importlib.import_module(module_path)`; the program will execute arbitrary Python Commands in a maliciously-built repo (without any `HuggingFace` Warnings in Hub and no `trust_remote_code` is required). Causing arbitrary OS Command execution or creating a Reverse-Shell connection or even starting a worm attack via `HuggingFace` Hub.

+ Vulnerability Report: https://huntr.com/bounties/1da2a047-60cd-4e7d-b61e-bba31cdce418
+ PoC video: https://drv.0reg.dev/Personals/PoCs/Transformers/Transformer-RCE-load-tools.mp4