报告预览

如何让 Hugging Face 拥抱蠕虫：发现并利用预训练大模型中心中的不安全 Pickle.loads..pdf

编号：615406

PDF 70页 4.75MB 下载积分：VIP专享

下载报告请您先登录！

如何让 Hugging Face 拥抱蠕虫：发现并利用预训练大模型中心中的不安全 Pickle.loads..pdf

1、How to Make Hugging Face to Hug Worms:Discovering and Exploiting Unsafe Pickle.loadsover Pre-Trained Large Model HubsPeng Zhou()Shanghai University1Peng Zhou(zpbrent)Associate Professor at Shanghai UniversityBug hunter for Web/AI OSS:30+CVEs with high impactsResearch Interests:Web/3 and AI security

2、Published at:IEEE TDSC/TIFS,ISOC NDSS,ACM ACSAC,etc.Reach me out at:whoami2Agenda Hugging Face Hub and pickle model Discovering unsafe pickle.loads Exploiting for reversed RCE Bypass pickle scanning Weaponizing with wormablepayloads Demo&video&takeaway 3Agenda Hugging Face Hub and pickle model Disco

3、vering unsafe pickle.loads Exploiting for reversed RCE Bypass pickle scanning Weaponizing with wormablepayloads Demo&video&takeaway 4Hugging Face HubModelsDatasetsSpacesAPIsMachine Learning Libraries Integrated in Hugging Face HubSerialization FormatsSafesensorsMsgPackPickleAvroCapnprotoProtobufsb31

4、 https:/huggingface.co/docs/hub/models-libraries5Hugging Face HubSerialization FormatsSafesensorsMsgPackPickleAvroCapnprotoProtobufOur Focus1 https:/huggingface.co/docs/hub/models-librariesMachine Learning Libraries Integrated in Hugging Face Hubsb36ModelsDatasetsSpacesAPIsThe Pickle2 https:/ Marco

5、Slaviero,Sour Pickles-A serialised exploitation guide in one part,BlackHat 2011.pickle.loadspickletools.disbx80 x03qx00Xx07x00 x00 x00sym2idxqx01ccollectionsnOrderedDictnqx02)Rqx03(Xx05x00 x00 x00qx04Kx00Xx03x00 x00 x00theqx05Kx01us.0:x80 PROTO 32:EMPTY_DICT3:q BINPUT 05:X BINUNICODE sym2idx17:q BIN

6、PUT 119:c GLOBAL collections OrderedDict44:q BINPUT 246:)EMPTY_TUPLE47:R REDUCE48:q BINPUT 350:(MARK51:X BINUNICODE 61:q BINPUT 463:K BININT1 065:X BINUNICODE the73:q BINPUT 575:K BININT1 177:u SETITEMS (MARK at 50)78:s SETITEM79:.STOPPickle StringOpcode&StackObjectsym2idx:OrderedDict(,0),(the,1)8Th

友情提示

1、下载报告失败解决办法
2、PDF文件下载后，可能会被浏览器默认打开，此种情况可以点击浏览器菜单，保存网页到桌面，就可以正常下载了。
3、本站不支持迅雷下载，请使用电脑自带的IE浏览器，或者360浏览器、谷歌浏览器下载即可。
4、本站报告下载后的文档和图纸-无水印,预览文档经过压缩，下载后原文更清晰。

本文（如何让 Hugging Face 拥抱蠕虫：发现并利用预训练大模型中心中的不安全 Pickle.loads..pdf）为本站（鲁大师）主动上传，三个皮匠报告文库仅提供信息存储空间，仅对用户上传内容的表现方式做保护处理，对上载内容本身不做任何修改或编辑。若此文所含内容侵犯了您的版权或隐私，请立即通知三个皮匠报告文库（点击联系客服），我们立即给予删除！

温馨提示：如果因为网速或其他原因下载失败请重新下载，重复下载不扣分。