Text To Image

Hi guys its retr0reg, I made this tool just for you (: This tool is safe and sound!

  • See there's no HF Warning and stuffs
  • and you can use it with out Trust Remote Code On!
  • https://0reg.dev is a fun website

Hope You enjoy it!

Why I loaded this but nothing happend?!

This is actually a PoC project for a patched huggingface/transformers vulnerability. In transformer's transformers.load_tool *(can be access via from transformers import tools; tools.load_tool or transformers.load_tool) withCall-Chain: load_tool() -> Tool.from_hub() -> get_class_from_dynamic_module() -> get_class_in_module() -> importlib.import_module(module_path); the program will execute arbitrary Python Commands in a maliciously-built repo (without any HuggingFace Warnings in Hub and no trust_remote_code is required). Causing arbitrary OS Command execution or creating a Reverse-Shell connection or even starting a worm attack via HuggingFace Hub.

Downloads last month

-

Downloads are not tracked for this model. How to track
Inference Providers NEW
This model is not currently available via any of the supported Inference Providers.
The model cannot be deployed to the HF Inference API: The model has no library tag.