Last active
June 26, 2024 04:53
-
-
Save cappetta/7ec66ad7d4d7deda26941941b4bbaf8f to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
$ nasl -k /tmp/kb -aWXt localhost -I ./ -X /home/kali/Desktop/open-nasl/modelscan.cpp | |
[2024-06-26 04:52:13] pread_wrapper(): Running "/bin/sh" on the scanner localhost using pread_ex(). | |
{"plugin": "modelscan.cpp", "command": "which -a pip 2>/dev/null", "response": "/tmp/venv/bin/pip\n/usr/bin/pip\n/bin/pip\n", "hostname": "localhost"} | |
[2024-06-26 04:52:13] ldnix::get_command_path(): Successfully returning | |
DETAILS: | |
Path: make_nested_list( | |
'/tmp/venv/bin/pip', | |
'/usr/bin/pip', | |
'/bin/pip' | |
) | |
[2024-06-26 04:52:13] pip -> make_nested_list( | |
'/tmp/venv/bin/pip', | |
'/usr/bin/pip', | |
'/bin/pip' | |
) | |
[2024-06-26 04:52:13] pread_wrapper(): Running "/bin/sh" on the scanner localhost using pread_ex(). | |
{"plugin": "modelscan.cpp", "command": "which -a python3 2>/dev/null", "response": "/tmp/venv/bin/python3\n/usr/bin/python3\n/bin/python3\n", "hostname": "localhost"} | |
[2024-06-26 04:52:13] ldnix::get_command_path(): Successfully returning | |
DETAILS: | |
Path: make_nested_list( | |
'/tmp/venv/bin/python3', | |
'/usr/bin/python3', | |
'/bin/python3' | |
) | |
[2024-06-26 04:52:13] python3 -> make_nested_list( | |
'/tmp/venv/bin/python3', | |
'/usr/bin/python3', | |
'/bin/python3' | |
) | |
[2024-06-26 04:52:13] pread_wrapper(): Running "/bin/sh" on the scanner localhost using pread_ex(). | |
{"plugin": "modelscan.cpp", "command": "which -a modelscan 2>/dev/null", "response": "/tmp/venv/bin/modelscan\n", "hostname": "localhost"} | |
[2024-06-26 04:52:13] ldnix::get_command_path(): Successfully returning | |
DETAILS: | |
Path: make_nested_list( | |
'/tmp/venv/bin/modelscan' | |
) | |
[2024-06-26 04:52:13] modelscan -> make_nested_list( | |
'/tmp/venv/bin/modelscan' | |
) | |
[2024-06-26 04:52:13] pread_wrapper(): Running "/bin/sh" on the scanner localhost using pread_ex(). | |
{"plugin": "modelscan.cpp", "command": "[ -f \"/tmp/venv/bin/modelscan\" ] || [ -d \"/tmp/venv/bin/modelscan\" ] && echo \"found\"", "response": "found\n", "hostname": "localhost"} | |
[2024-06-26 04:52:13] found true-> 1 | |
[2024-06-26 04:52:13] ldnix::file_exists(): Successfully returning | |
DETAILS: | |
Result: 1 | |
[2024-06-26 04:52:13] mvp -> 1 | |
[2024-06-26 04:52:13] run modelscan directly -- | |
[2024-06-26 04:52:13] pread_wrapper(): Running "/bin/sh" on the scanner localhost using pread_ex(). | |
{"plugin": "modelscan.cpp", "command": ". /tmp/venv/bin/activate && modelscan -l WARNING -r json -p /home/kali/.cache/huggingface/hub/models--star23--baller12/snapshots/36480cdde72544e50c2294b5a5918a552139995a/pytorch_model.bin", "response": "No settings file detected at /opt/nessus/lib/nessus/plugins/modelscan-settings.toml. Using defaults. \n\n{\"summary\": {\"total_issues_by_severity\": {\"LOW\": 0, \"MEDIUM\": 0, \"HIGH\": 0, \n\"CRITICAL\": 1}, \"total_issues\": 1, \"input_path\": \n\"/home/kali/.cache/huggingface/hub/models--star23--baller12/snapshots/36480cdde7\n2544e50c2294b5a5918a552139995a/pytorch_model.bin\", \"absolute_path\": \n\"/home/kali/.cache/huggingface/hub/models--star23--baller12/snapshots/36480cdde7\n2544e50c2294b5a5918a552139995a\", \"modelscan_version\": \"0.7.6\", \"timestamp\": \n\"2024-06-26T00:52:13.516686\", \"scanned\": {\"total_scanned\": 1, \"scanned_files\": \n[\"pytorch_model.bin:pytorch_standard_model/data.pkl\"]}}, \"issues\": \n[{\"description\": \"Use of unsafe operator 'exec' from module 'builtins'\", \n\"operator\": \"exec\", \"module\": \"builtins\", \"source\": \n\"pytorch_model.bin:pytorch_standard_model/data.pkl\", \"scanner\": \n\"modelscan.scanners.PickleUnsafeOpScan\", \"severity\": \"CRITICAL\"}], \"errors\": []}\n", "hostname": "localhost"} | |
[2024-06-26 04:52:13] result -- | |
'No settings file detected at /opt/nessus/lib/nessus/plugins/modelscan-settings.toml. Using defaults. \n\n{"summary": {"total_issues_by_severity": {"LOW": 0, "MEDIUM": 0, "HIGH": 0, \n"CRITICAL": 1}, "total_issues": 1, "input_path": \n"/home/kali/.cache/huggingface/hub/models--star23--baller12/snapshots/36480cdde7\n2544e50c2294b5a5918a552139995a/pytorch_model.bin", "absolute_path": \n"/home/kali/.cache/huggingface/hub/models--star23--baller12/snapshots/36480cdde7\n2544e50c2294b5a5918a552139995a", "modelscan_version": "0.7.6", "timestamp": \n"2024-06-26T00:52:13.516686", "scanned": {"total_scanned": 1, "scanned_files": \n["pytorch_model.bin:pytorch_standard_model/data.pkl"]}}, "issues": \n[{"description": "Use of unsafe operator \'exec\' from module \'builtins\'", \n"operator": "exec", "module": "builtins", "source": \n"pytorch_model.bin:pytorch_standard_model/data.pkl", "scanner": \n"modelscan.scanners.PickleUnsafeOpScan", "severity": "CRITICAL"}], "errors": []}\n' | |
[2024-06-26 04:52:13] moving to line: 1 | |
[2024-06-26 04:52:13] moving to line: 2 | |
[2024-06-26 04:52:13] line -- | |
'{"summary": {"total_issues_by_severity": {"LOW": 0, "MEDIUM": 0, "HIGH": 0, ' | |
[2024-06-26 04:52:13] json | |
||'{"summary": {"total_issues_by_severity": {"LOW": 0, "MEDIUM": 0, "HIGH": 0, '|| | |
[2024-06-26 04:52:13] line -- | |
'"CRITICAL": 1}, "total_issues": 1, "input_path": ' | |
[2024-06-26 04:52:13] json | |
||'{"summary": {"total_issues_by_severity": {"LOW": 0, "MEDIUM": 0, "HIGH": 0, "CRITICAL": 1}, "total_issues": 1, "input_path": '|| | |
[2024-06-26 04:52:13] line -- | |
'"/home/kali/.cache/huggingface/hub/models--star23--baller12/snapshots/36480cdde7' | |
[2024-06-26 04:52:13] json | |
||'{"summary": {"total_issues_by_severity": {"LOW": 0, "MEDIUM": 0, "HIGH": 0, "CRITICAL": 1}, "total_issues": 1, "input_path": "/home/kali/.cache/huggingface/hub/models--star23--baller12/snapshots/36480cdde7'|| | |
[2024-06-26 04:52:13] line -- | |
'2544e50c2294b5a5918a552139995a/pytorch_model.bin", "absolute_path": ' | |
[2024-06-26 04:52:13] json | |
||'{"summary": {"total_issues_by_severity": {"LOW": 0, "MEDIUM": 0, "HIGH": 0, "CRITICAL": 1}, "total_issues": 1, "input_path": "/home/kali/.cache/huggingface/hub/models--star23--baller12/snapshots/36480cdde72544e50c2294b5a5918a552139995a/pytorch_model.bin", "absolute_path": '|| | |
[2024-06-26 04:52:13] line -- | |
'"/home/kali/.cache/huggingface/hub/models--star23--baller12/snapshots/36480cdde7' | |
[2024-06-26 04:52:13] json | |
||'{"summary": {"total_issues_by_severity": {"LOW": 0, "MEDIUM": 0, "HIGH": 0, "CRITICAL": 1}, "total_issues": 1, "input_path": "/home/kali/.cache/huggingface/hub/models--star23--baller12/snapshots/36480cdde72544e50c2294b5a5918a552139995a/pytorch_model.bin", "absolute_path": "/home/kali/.cache/huggingface/hub/models--star23--baller12/snapshots/36480cdde7'|| | |
[2024-06-26 04:52:13] line -- | |
'2544e50c2294b5a5918a552139995a", "modelscan_version": "0.7.6", "timestamp": ' | |
[2024-06-26 04:52:13] json | |
||'{"summary": {"total_issues_by_severity": {"LOW": 0, "MEDIUM": 0, "HIGH": 0, "CRITICAL": 1}, "total_issues": 1, "input_path": "/home/kali/.cache/huggingface/hub/models--star23--baller12/snapshots/36480cdde72544e50c2294b5a5918a552139995a/pytorch_model.bin", "absolute_path": "/home/kali/.cache/huggingface/hub/models--star23--baller12/snapshots/36480cdde72544e50c2294b5a5918a552139995a", "modelscan_version": "0.7.6", "timestamp": '|| | |
[2024-06-26 04:52:13] line -- | |
'"2024-06-26T00:52:13.516686", "scanned": {"total_scanned": 1, "scanned_files": ' | |
[2024-06-26 04:52:13] json | |
||'{"summary": {"total_issues_by_severity": {"LOW": 0, "MEDIUM": 0, "HIGH": 0, "CRITICAL": 1}, "total_issues": 1, "input_path": "/home/kali/.cache/huggingface/hub/models--star23--baller12/snapshots/36480cdde72544e50c2294b5a5918a552139995a/pytorch_model.bin", "absolute_path": "/home/kali/.cache/huggingface/hub/models--star23--baller12/snapshots/36480cdde72544e50c2294b5a5918a552139995a", "modelscan_version": "0.7.6", "timestamp": "2024-06-26T00:52:13.516686", "scanned": {"total_scanned": 1, "scanned_files": '|| | |
[2024-06-26 04:52:13] line -- | |
'["pytorch_model.bin:pytorch_standard_model/data.pkl"]}}, "issues": ' | |
[2024-06-26 04:52:13] json | |
||'{"summary": {"total_issues_by_severity": {"LOW": 0, "MEDIUM": 0, "HIGH": 0, "CRITICAL": 1}, "total_issues": 1, "input_path": "/home/kali/.cache/huggingface/hub/models--star23--baller12/snapshots/36480cdde72544e50c2294b5a5918a552139995a/pytorch_model.bin", "absolute_path": "/home/kali/.cache/huggingface/hub/models--star23--baller12/snapshots/36480cdde72544e50c2294b5a5918a552139995a", "modelscan_version": "0.7.6", "timestamp": "2024-06-26T00:52:13.516686", "scanned": {"total_scanned": 1, "scanned_files": ["pytorch_model.bin:pytorch_standard_model/data.pkl"]}}, "issues": '|| | |
[2024-06-26 04:52:13] line -- | |
'[{"description": "Use of unsafe operator \'exec\' from module \'builtins\'", ' | |
[2024-06-26 04:52:13] json | |
||'{"summary": {"total_issues_by_severity": {"LOW": 0, "MEDIUM": 0, "HIGH": 0, "CRITICAL": 1}, "total_issues": 1, "input_path": "/home/kali/.cache/huggingface/hub/models--star23--baller12/snapshots/36480cdde72544e50c2294b5a5918a552139995a/pytorch_model.bin", "absolute_path": "/home/kali/.cache/huggingface/hub/models--star23--baller12/snapshots/36480cdde72544e50c2294b5a5918a552139995a", "modelscan_version": "0.7.6", "timestamp": "2024-06-26T00:52:13.516686", "scanned": {"total_scanned": 1, "scanned_files": ["pytorch_model.bin:pytorch_standard_model/data.pkl"]}}, "issues": [{"description": "Use of unsafe operator \'exec\' from module \'builtins\'", '|| | |
[2024-06-26 04:52:13] line -- | |
'"operator": "exec", "module": "builtins", "source": ' | |
[2024-06-26 04:52:13] json | |
||'{"summary": {"total_issues_by_severity": {"LOW": 0, "MEDIUM": 0, "HIGH": 0, "CRITICAL": 1}, "total_issues": 1, "input_path": "/home/kali/.cache/huggingface/hub/models--star23--baller12/snapshots/36480cdde72544e50c2294b5a5918a552139995a/pytorch_model.bin", "absolute_path": "/home/kali/.cache/huggingface/hub/models--star23--baller12/snapshots/36480cdde72544e50c2294b5a5918a552139995a", "modelscan_version": "0.7.6", "timestamp": "2024-06-26T00:52:13.516686", "scanned": {"total_scanned": 1, "scanned_files": ["pytorch_model.bin:pytorch_standard_model/data.pkl"]}}, "issues": [{"description": "Use of unsafe operator \'exec\' from module \'builtins\'", "operator": "exec", "module": "builtins", "source": '|| | |
[2024-06-26 04:52:13] line -- | |
'"pytorch_model.bin:pytorch_standard_model/data.pkl", "scanner": ' | |
[2024-06-26 04:52:13] json | |
||'{"summary": {"total_issues_by_severity": {"LOW": 0, "MEDIUM": 0, "HIGH": 0, "CRITICAL": 1}, "total_issues": 1, "input_path": "/home/kali/.cache/huggingface/hub/models--star23--baller12/snapshots/36480cdde72544e50c2294b5a5918a552139995a/pytorch_model.bin", "absolute_path": "/home/kali/.cache/huggingface/hub/models--star23--baller12/snapshots/36480cdde72544e50c2294b5a5918a552139995a", "modelscan_version": "0.7.6", "timestamp": "2024-06-26T00:52:13.516686", "scanned": {"total_scanned": 1, "scanned_files": ["pytorch_model.bin:pytorch_standard_model/data.pkl"]}}, "issues": [{"description": "Use of unsafe operator \'exec\' from module \'builtins\'", "operator": "exec", "module": "builtins", "source": "pytorch_model.bin:pytorch_standard_model/data.pkl", "scanner": '|| | |
[2024-06-26 04:52:13] line -- | |
'"modelscan.scanners.PickleUnsafeOpScan", "severity": "CRITICAL"}], "errors": []}' | |
[2024-06-26 04:52:13] json | |
||'{"summary": {"total_issues_by_severity": {"LOW": 0, "MEDIUM": 0, "HIGH": 0, "CRITICAL": 1}, "total_issues": 1, "input_path": "/home/kali/.cache/huggingface/hub/models--star23--baller12/snapshots/36480cdde72544e50c2294b5a5918a552139995a/pytorch_model.bin", "absolute_path": "/home/kali/.cache/huggingface/hub/models--star23--baller12/snapshots/36480cdde72544e50c2294b5a5918a552139995a", "modelscan_version": "0.7.6", "timestamp": "2024-06-26T00:52:13.516686", "scanned": {"total_scanned": 1, "scanned_files": ["pytorch_model.bin:pytorch_standard_model/data.pkl"]}}, "issues": [{"description": "Use of unsafe operator \'exec\' from module \'builtins\'", "operator": "exec", "module": "builtins", "source": "pytorch_model.bin:pytorch_standard_model/data.pkl", "scanner": "modelscan.scanners.PickleUnsafeOpScan", "severity": "CRITICAL"}], "errors": []}'|| | |
[2024-06-26 04:52:13] jdata -- | |
make_nested_array( | |
'errors', make_nested_list(), | |
'issues', make_nested_list( | |
make_nested_array( | |
'description', 'Use of unsafe operator \'exec\' from module \'builtins\'', | |
'module', 'builtins', | |
'operator', 'exec', | |
'scanner', 'modelscan.scanners.PickleUnsafeOpScan', | |
'severity', 'CRITICAL', | |
'source', 'pytorch_model.bin:pytorch_standard_model/data.pkl' | |
) | |
), | |
'summary', make_nested_array( | |
'absolute_path', '/home/kali/.cache/huggingface/hub/models--star23--baller12/snapshots/36480cdde72544e50c2294b5a5918a552139995a', | |
'input_path', '/home/kali/.cache/huggingface/hub/models--star23--baller12/snapshots/36480cdde72544e50c2294b5a5918a552139995a/pytorch_model.bin', | |
'modelscan_version', '0.7.6', | |
'scanned', make_nested_array( | |
'scanned_files', make_nested_list( | |
'pytorch_model.bin:pytorch_standard_model/data.pkl' | |
), | |
'total_scanned', 1 | |
), | |
'timestamp', '2024-06-26T00:52:13.516686', | |
'total_issues', 1, | |
'total_issues_by_severity', make_nested_array( | |
'CRITICAL', 1, | |
'HIGH', 0, | |
'LOW', 0, | |
'MEDIUM', 0 | |
) | |
) | |
) | |
Nessus downloaded and ran the opensource AI/LLM modelscan tool. Here are the results: | |
severity: CRITICAL | |
source: pytorch_model.bin:pytorch_standard_model/data.pkl | |
module: builtins | |
scanner: modelscan.scanners.PickleUnsafeOpScan | |
operator: exec | |
description: Use of unsafe operator 'exec' from module 'builtins' | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment