sqli-sql-injection

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 1.00). This document is an explicit offensive SQL injection playbook containing actionable techniques for data exfiltration (HTTP/DNS/SMB/OOB), credential theft (NTLM/hash exfiltration), remote code execution and backdoor persistence (xp_cmdshell, UDFs, load_extension, INTO OUTFILE/ATTACH write webshells, cron jobs), and instructions to route exfil to attacker-controlled hosts—clear malicious intent and abuse patterns.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 1.00). The playbook explicitly instructs escalation from SQL injection to OS-level actions—e.g., SELECT ... INTO OUTFILE to drop web shells, enabling/using xp_cmdshell, creating UDFs or Java procedures and issuing OS/network commands—which are direct, actionable steps that modify filesystem, services, or execute commands on the target host and therefore push the agent to compromise machine state.