this box was fun when i did it. There was alot of reading involved to understand how this clearML works. The hardest part in my opinion was understanding that when you upload your code to the black swan and use this specific tag, it will get reviewed and gives you a shell. Good walkthrough
in 20:55 what i don't understand is i put the file name for artifact_object as in the hiddenlayer post. but it didn't work. what is the technical reason for that?
article add this part 'we realized that using the upload_artifact method, as seen in Figure 5, will wrap the location of the uploaded pickle file in another pickle. Upon discovering this, we created a script that would interface directly with the API to create a task and upload our malicious pickle in place of the file path pickle', so is it because of this behavior?
Through trial and error, I found out that the line of code "task.upload_artifact(name='pwned', artifact_object='netcat.pkl', retries=2, wait_on_upload=True, extension_name='.pkl')" will only give you a reverse shell if you manage to upload the pwned.pkl (not netcat.pkl) file to a specific directory of the Docker container running the app.blurry.htb server. The pwned.pkl file was generated by the code shown in figure 4 of the HiddenLayer post. The directory of the container you should upload the pwned.pkl file is "/mnt/fileserver/Black Swan/my task./artifacts/pwned". I was only able to upload the generated pwned.pkl file manually, by running the command "curl -OL /pwned.pkl" on the Docker container. I think this is not the intended path since I had to run Docker commands as root to find out most of what I just said.
this box was fun when i did it. There was alot of reading involved to understand how this clearML works. The hardest part in my opinion was understanding that when you upload your code to the black swan and use this specific tag, it will get reviewed and gives you a shell. Good walkthrough
37:34 the best typo of Ippsec yet 😂😂
so good :>>
much love ippsec, i really like your content, thanks and appreciate your Effort❤❤❤
in 20:55 what i don't understand is i put the file name for artifact_object as in the hiddenlayer post. but it didn't work. what is the technical reason for that?
article add this part 'we realized that using the upload_artifact method, as seen in Figure 5, will wrap the location of the uploaded pickle file in another pickle. Upon discovering this, we created a script that would interface directly with the API to create a task and upload our malicious pickle in place of the file path pickle', so is it because of this behavior?
Through trial and error, I found out that the line of code "task.upload_artifact(name='pwned', artifact_object='netcat.pkl', retries=2, wait_on_upload=True, extension_name='.pkl')" will only give you a reverse shell if you manage to upload the pwned.pkl (not netcat.pkl) file to a specific directory of the Docker container running the app.blurry.htb server. The pwned.pkl file was generated by the code shown in figure 4 of the HiddenLayer post. The directory of the container you should upload the pwned.pkl file is "/mnt/fileserver/Black Swan/my task./artifacts/pwned". I was only able to upload the generated pwned.pkl file manually, by running the command "curl -OL /pwned.pkl" on the Docker container. I think this is not the intended path since I had to run Docker commands as root to find out most of what I just said.
Iris Pupil and Lena Tick are also ML jokes referencing historic benchmarking datasets
Thank You for sharing
love u brudda
Push!
please update your playlists!!
to be fair, when i get distracted i watch ippsec hehe
892 Koelpin Tunnel
Mohr Landing
it was difficult
Hey Ipp, let's go to Diddy's party
U
Def
Irl
fr metallica sucks
1st comment
2nd
What kind of 2009 shit is this?