web-exploits

Fail

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: CRITICAL (REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, DATA_EXFILTRATION)
Full Analysis
  • REMOTE_CODE_EXECUTION (CRITICAL): The file webshells/node_cmd.js is a functional backdoor. It listens for HTTP requests and executes arbitrary system commands provided via the cmd query parameter or POST body using the child_process.exec function without any sanitization.
  • COMMAND_EXECUTION (HIGH): Several scripts, including ssti_tester.py and upload_tester.py, are designed to automate the delivery of RCE payloads. For example, ssti_tester.py explicitly tests for Jinja2 exploitation using os.popen or Popen patterns to execute shell commands.
  • DATA_EXFILTRATION (HIGH): The toolkit includes numerous payloads in payloads/lfi.txt, payloads/sqli_mysql.txt, and payloads/ssrf.txt that target sensitive information such as /etc/shadow, /etc/passwd, and AWS/GCP metadata service credentials. lfi_tester.py automates the process of reading these sensitive files from remote servers.
  • COMMAND_EXECUTION (MEDIUM): payloads/cmd_injection.txt provides a comprehensive list of shell command injection techniques, including reverse shell strings (bash -i >& /dev/tcp/...) and data exfiltration via curl and wget.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: CRITICAL
Analyzed: Feb 17, 2026, 06:17 PM