Se8_Artificial

linux(Easy)

总结

user

tensorflow-rce->app-shell

db文件->gael-shell

root

9898端口转发+备份文件config.json->restic利用

tensorflow-rce问问gpt即可

WhiteRabbit那个靶机见过了restic，两种思路

直接restic的bakup 和 dump 或者 restic-server

https://gtfobins.github.io/gtfobins/restic/

https://flowerwitch.github.io/

docker 安装

https://blog.csdn.net/m0_56373528/article/details/144637606

sudo vim /etc/apt/sources.list

#下面的源任选其一即可，注释掉其它不用的源

#中科大
deb http://mirrors.ustc.edu.cn/kali kali-rolling main non-free contrib
deb-src http://mirrors.ustc.edu.cn/kali kali-rolling main non-free contrib

#阿里云
#deb http://mirrors.aliyun.com/kali kali-rolling main non-free contrib
#deb-src http://mirrors.aliyun.com/kali kali-rolling main non-free contrib

#清华大学
#deb http://mirrors.tuna.tsinghua.edu.cn/kali kali-rolling main contrib non-free
#deb-src https://mirrors.tuna.tsinghua.edu.cn/kali kali-rolling main contrib non-free

#浙大
#deb http://mirrors.zju.edu.cn/kali kali-rolling main contrib non-free
#deb-src http://mirrors.zju.edu.cn/kali kali-rolling main contrib non-free


sudo apt update
#如果上面命令报Error就 ↓
wget -q -O - https://archive.kali.org/archive-key.asc | sudo apt-key add

sudo apt update
sudo apt-get install docker.io

docker加载超时就需要，国内镜像加速配置

sudo vim /etc/docker/daemon.json

{
"registry-mirrors": [
"https://docker.1ms.run",
"https://hub.rat.dev",
"https://docker.1panel.live"
  ]
}

sudo systemctl daemon-reload
sudo systemctl restart docker

docker与物理机之间文件传输

sudo docker build -t my-app:latest .
sudo docker run -it --name m-tf-container my-app:latest
sudo docker cp ./model.py m-tf-container:/code
sudo docker cp ./rce.py m-tf-container:/code
#docker
root@6b5f1092f4a3:/code# python model.py

#kali
sudo docker cp m-tf-container:/code/profits_model.h5 .

vuln-代码

@app.route('/run_model/<model_id>')
def run_model(model_id):
if ('user_id'in session):
        username = session['username']
if not (User.query.filter_by(username=username).first()):
return redirect(url_for('login'))
else:
return redirect(url_for('login'))

    model_path = os.path.join(app.config['UPLOAD_FOLDER'], f'{model_id}.h5')

if not os.path.exists(model_path):
return redirect(url_for('dashboard'))

    try:
        model = tf.keras.models.load_model(model_path)

        hours = np.arange(0, 24 * 7).reshape(-1, 1)
        predictions = model.predict(hours)

        days_of_week = ["Monday", "Tuesday", "Wednesday", "Thursday", "Friday", "Saturday", "Sunday"]
        daily_predictions = {f"{days_of_week[i // 24]} - Hour {i % 24}": round(predictions[i][0], 2) for i in range(len(predictions))}

        max_day = max(daily_predictions, key=daily_predictions.get)
        max_prediction = daily_predictions[max_day]

        model_summary = []
        model.summary(print_fn=lambda x: model_summary.append(x))
        model_summary = "n".join(model_summary)

return render_template(
'run_model.html',
            model_summary=model_summary,
            daily_predictions=daily_predictions,
            max_day=max_day,
            max_prediction=max_prediction
        )
    except Exception as e:
print(e)
return redirect(url_for('dashboard'))

这个 load_model()，文件中嵌入恶意 Lambda 层表达式，模型加载时会自动 eval() 执行，

Keras/TensorFlow 会在加载 Lambda 层或自定义对象时执行反序列化，等价于 eval("lambda x: __import__('os').system(...)")

参考

https://gtfobins.github.io/gtfobins/restic/

https://flowerwitch.github.io/ 花师傅

docker安装
https://blog.csdn.net/m0_56373528/article/details/144637606