SnailSploit/Claude-Red/offensive-basic-exploitation
53
dangerous
analyzed 2h ago
WHY THIS SCORE
- low broad_perms: requests broad/elevated permissions
- low broad_perms: requests broad/elevated permissions
- low broad_perms: requests broad/elevated permissions
- low broad_perms: requests broad/elevated permissions
- low broad_perms: requests broad/elevated permissions
- low broad_perms: requests broad/elevated permissions
- low broad_perms: requests broad/elevated permissions
- low broad_perms: requests broad/elevated permissions
- low broad_perms: requests broad/elevated permissions
- LLM judged overall risk 5/100
Claims
The skill provides a curriculum and operational checklist for basic Linux exploitation (Week 5), focusing on techniques like EIP/RIP control, ROP chains, and shellcode injection in an environment with mitigations disabled. It guides the agent through environment setup, tool installation, and exploit development.
Actual behavior
The skill defines trigger phrases and instructions for the AI agent to follow a specific methodology. It includes a detailed shell script snippet for setting up the lab environment (installing tools like `pwntools`, `radare2`, `one_gadget` and configuring ASLR). The code is primarily declarative (Markdown) with embedded shell commands for setup. It does not execute arbitrary code from external sources, nor does it exfiltrate secrets. It explicitly warns against disabling ASLR globally, showing security awareness.
Findings
low broad_perms — requests broad/elevated permissions
tem-wide
# echo 0 | sudo tee /proc/sys/kernel
low broad_perms — requests broad/elevated permissions
ize_va_space = 0" | sudo tee /etc/sysctl.d/99
low broad_perms — requests broad/elevated permissions
disable-aslr.conf
# sudo sysctl --system
# O
low broad_perms — requests broad/elevated permissions
ABLE it:
# echo 2 | sudo tee /proc/sys/kernel
low broad_perms — requests broad/elevated permissions
andomize_va_space
# sudo rm -f /etc/sysctl.d/
low broad_perms — requests broad/elevated permissions
==================
sudo apt update
sudo apt
low broad_perms — requests broad/elevated permissions
==
sudo apt update
sudo apt install -y \
low broad_perms — requests broad/elevated permissions
uick shell gadgets)
sudo gem install one_gadg
low broad_perms — requests broad/elevated permissions
docker run -it --rm --cap-add=SYS_PTRACE --securi
Attestation
signer 0xB62e1c338a83D3a6621f9127eEa5B000caCfCd01
digest 0x60cccc38f2c97fde4e3013ad2154f2f057cb14a49f5de4800a8963c4d51a777f
verify: GET /skill/verify?digest=…&signature=… · scheme eip191-sha256