Gradio¶
Enumerate and probe Gradio application instances.
Overview¶
The gradio module targets Gradio web applications, covering configuration discovery, prediction endpoints, queue-based execution, file upload/download, file-chain correlation, and serve-path probing. It follows a predict/upload to file-chain to serve-probe progression.
Subcommands¶
Read-Only (no --force-exploit required)¶
| Subcommand | Description |
|---|---|
enum |
Config discovery: version, title, endpoints, capabilities |
predict |
Call a prediction endpoint |
download-file |
Download a file by reference path |
file-chain |
Drive a file through the read chain (correlate file paths) |
Gated (requires --force-exploit)¶
| Subcommand | Description |
|---|---|
queue-probe |
Queue-backed execution probe |
upload-file |
Upload a proof file |
serve-probe |
Validate re-serve and file path accessibility |
Flags¶
| Flag | Required | Description |
|---|---|---|
--target |
Yes | Gradio app URL (e.g., http://127.0.0.1:7860) |
--header |
No | Custom HTTP headers. Repeatable. |
--api-name |
For predict, queue-probe, upload-file |
API endpoint name |
--fn-index |
Alternative to --api-name |
Function index number (also for upload-file) |
--input-json |
For predict, queue-probe |
Input data as JSON array |
--file |
For upload-file, download-file, file-chain, serve-probe |
File path or reference |
--filename |
For upload-file |
Upload filename |
--content |
For upload-file |
File content string |
Note
Either --api-name or --fn-index is required for predict and queue-probe, but not both.
Examples¶
# Enumerate config and endpoints
./aipostex gradio --target http://127.0.0.1:7860 enum
# Call a prediction endpoint
./aipostex gradio --target http://127.0.0.1:7860 predict \
--api-name predict --input-json '["hello"]'
# Queue-backed execution probe (gated)
./aipostex gradio --target http://127.0.0.1:7860 queue-probe \
--api-name predict --input-json '["hello"]' --force-exploit
# Upload a proof file (gated)
./aipostex gradio --target http://127.0.0.1:7860 upload-file \
--api-name predict --force-exploit
# Download a file reference
./aipostex gradio --target http://127.0.0.1:7860 download-file \
--file /tmp/gradio/demo.txt
# Correlate file paths
./aipostex gradio --target http://127.0.0.1:7860 file-chain \
--file /tmp/gradio/demo.txt
# Validate serve paths (gated)
./aipostex gradio --target http://127.0.0.1:7860 serve-probe \
--file /tmp/gradio/demo.txt --force-exploit
Capability Classification¶
The enum command classifies Gradio app capabilities:
- Queue enabled -- whether the app uses queue-based execution
- File input/output -- whether endpoints accept or return files
- API surface -- discovered callable endpoints with parameter info
Workflow Progression¶
discover network (discovers Gradio on :7860)
→ gradio enum (config, endpoints, capabilities)
→ gradio predict --api-name <name> (test prediction)
→ gradio queue-probe (queue execution, gated)
→ gradio upload-file (file upload, gated)
→ gradio download-file --file <ref> (read uploaded file)
→ gradio file-chain --file <ref> (correlate paths)
→ gradio serve-probe --file <ref> (validate serve, gated)
Returned file references and queue/event handles are preserved in finding metadata for chaining.