Open knowitall12 opened 1 month ago
What likely happened is that it's exposed to the internet, and someone got in and installed that. It'd probably be best to delete the container and start over.
Before reinstalling, edit the dockerfile and remove --enable-insecure-extension-access
and --allow-code
if present. Those effectively allow users to run arbitrary code and are disabled by default. Dockerfile maintainers seem to always enable them for some reason.
Set a password by adding --gradio-auth username:password
Extensions can be installed manually from the terminal by going to the extensions directory and running git clone EXTENSION_URL
cd ~/stable-diffusion-webui/extensions
git clone https://github.com/Mikubill/sd-webui-controlnet
sd.txt sd.txt
Checklist
What happened?
When we made 10K calls to generate different images we observed that a new extension with URL "http://77.90.22.129:3000/WCZMKQKVIQ/na8672" is getting installed.
Steps to reproduce the problem
What should have happened?
The malicious extension shouldn't have been installed automatically.
What browsers do you use to access the UI ?
Google Chrome
Sysinfo
sysinfo-2024-09-18-15-03.json
Console logs
Additional information
We have deployed it on K8s on a pod using a Dockerfile.