Add PoC pickle
- README.md +16 -0
- malicious.pkl +3 -0
README.md
ADDED
|
@@ -0,0 +1,16 @@
| 1 |
+
---
|
| 2 |
+
license: mit
|
| 3 |
+
tags:
|
| 4 |
+
- mfv
|
| 5 |
+
- huntr
|
| 6 |
+
- eg3d
|
| 7 |
+
- rce
|
| 8 |
+
---
|
| 9 |
+
|
| 10 |
+
# EG3D MFV PoC — RCE via Unsafe Pickle Deserialization
|
| 11 |
+
|
| 12 |
+
**Vulnerability:** RCE via pickle.load + exec() in NVIDIA's custom @persistent_class unpickler
|
| 13 |
+
|
| 14 |
+
**Project:** https://github.com/NVlabs/eg3d
|
| 15 |
+
|
| 16 |
+
**File:** `malicious.pkl` — triggers `os.system` when loaded via `persistence.load_network_pkl()`
|
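Review bot: The README never connects its two descriptions of the bug. Line 12 attributes it to pickle.load plus exec() in the @persistent_class unpickler, while line 16 says the file triggers os.system when loaded via persistence.load_network_pkl(). It also does not state which command os.system runs or which commit of NVlabs/eg3d was tested. Suggest adding a short section that names the exact command the payload executes, the upstream commit it was verified against, and how the exec() path in line 12 relates to the os.system call in line 16, so a triager can assess impact from the text without loading the file.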
malicious.pkl
ADDED
|
@@ -0,0 +1,3 @@
| 1 |
+
version https://git-lfs.github.com/spec/v1
|
| 2 |
+
oid sha256:ccf939fef426531f1e932846e2ced77c58ba5a874d588b8e3f6d01cb17791966
|
| 3 |
+
size 65
|
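Review bot: malicious.pkl is committed only as a Git LFS pointer (the oid on line 2 and size 65 on line 3), so the diff shows nothing of the payload and a reviewer cannot confirm what the file does without fetching and opening it. Suggest committing the script that generates the pickle, or including a pickletools.dis listing of it in the README, so the contents can be inspected statically and checked against the README's description. At 65 bytes the file also gains nothing from LFS storage.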