CVE-2023-36281 PoC — LangChain Code Injection Vulnerability

Source
Associated Vulnerability
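Title: LangChain Code Injection Vulnerability (CVE-2023-36281)
Description: LangChain builds applications with LLMs through composability. LangChain v.0.0.171 contains a code injection vulnerability that allows a remote attacker to execute arbitrary code via a JSON file and the load_prompt parameter.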
Description
PoC of CVE-2023-36281
Readme
# CVE-2023-36281
PoC of CVE-2023-36281

I referred to [this PoC](https://aisec.today/LangChain-2e6244a313dd46139c5ef28cbcab9e55). Unfortunately, it doesn’t work because the indexes of `subprocess.Popen` are different in each Python environment. However, my PoC code addresses this problem.

## Installation
`$ pip install -r requirements.txt`

## Execution
### 1. Get index of subprocess on your own environment since it could be different for each environment.
#### In
`$ python get_index_of_subprocess.py`

#### Out
```
subprcess.Popen index: 309.
Replace target_index in attack_prompt.json with this value.
```

### 2. Replace target_index in attack_prompt.json with the value you get.

### 3. Exploit
#### In
`$ python exploit.py`

#### Out
```
README.md  attack_prompt.json  get_index_of_subprocess.py  exploit.py  requirements.txt
```
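
For defenders, one way to screen a prompt JSON file before it reaches `load_prompt` (an added example, not code from this PoC repository or from LangChain). It assumes the injection relies on a non-default `template_format` such as `jinja2` and on dunder attribute lookups of the kind the subclass index above implies; `audit_prompt_json`, the allowlist and both sample inputs are constructed for illustration.

```python
import json
import re

# Assumption: the application only needs LangChain's default "f-string" format.
ALLOWED_FORMATS = {"f-string"}
# Dunder attribute references (.__class__, .__subclasses__, ...) have no place in a prompt.
DUNDER = re.compile(r"__\w+__")
# Jinja2 expression and statement delimiters.
JINJA = re.compile(r"\{\{|\{%")


def iter_strings(node, path="$"):
    """Yield (json_path, value) for every string value anywhere in the document."""
    if isinstance(node, str):
        yield path, node
    elif isinstance(node, dict):
        for key, value in node.items():
            yield from iter_strings(value, f"{path}.{key}")
    elif isinstance(node, list):
        for i, value in enumerate(node):
            yield from iter_strings(value, f"{path}[{i}]")


def audit_prompt_json(text):
    """Return a list of findings; an empty list means the file passed the screen."""
    try:
        doc = json.loads(text)
    except json.JSONDecodeError as exc:
        return [f"not valid JSON: {exc.msg}"]
    if not isinstance(doc, dict):
        return ["top-level value is not an object"]
    findings = []
    fmt = doc.get("template_format", "f-string")
    if fmt not in ALLOWED_FORMATS:
        findings.append(f"template_format {fmt!r} is not allowed")
    for path, value in iter_strings(doc):
        if DUNDER.search(value):
            findings.append(f"{path}: dunder attribute reference")
        if JINJA.search(value):
            findings.append(f"{path}: Jinja2 delimiter")
    return findings


# Constructed sample inputs (not taken from the PoC repository).
BENIGN = '{"_type": "prompt", "input_variables": ["name"], "template": "Hello {name}"}'
SUSPECT = ('{"_type": "prompt", "input_variables": [], "template_format": "jinja2",'
           ' "template": "{{ x.__class__ }}"}')

if __name__ == "__main__":
    for label, sample in (("benign", BENIGN), ("suspect", SUSPECT)):
        print(label, audit_prompt_json(sample))
```

The screen fails closed: an f-string template that escapes literal braces as `{{` is also flagged and needs manual review.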
File Snapshot

```
[4.0K] /data/pocs/88c1b50511063657263aa0e5991c0ef97e8d73d1
├── [ 335] attack_prompt.json
├── [ 150] exploit.py
├── [ 314] get_index_of_subprocess.py
├── [ 842] README.md
└── [ 18] requirements.txt

0 directories, 5 files
```