persistence

package
v0.10.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: May 4, 2026 License: MIT Imports: 6 Imported by: 0

Documentation

Overview

Package persistence implements attacks that establish persistent footholds in agent systems through configuration modification, credential harvesting, and multi-step exploitation chains.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type AgentConfigRewriteModule

type AgentConfigRewriteModule struct{}

AgentConfigRewriteModule exploits agents that can modify their own configuration. Instructions cause the agent to rewrite its system prompt or config files, and once rewritten, compromise persists across sessions.

Source: Penligent (https://www.penligent.ai/hackinglabs/the-openclaw-prompt-injection-problem-persistence-tool-hijack-and-the-security-boundary-that-doesnt-exist/)

func (*AgentConfigRewriteModule) Category

func (*AgentConfigRewriteModule) Description

func (m *AgentConfigRewriteModule) Description() string

func (*AgentConfigRewriteModule) Execute

func (*AgentConfigRewriteModule) Name

func (m *AgentConfigRewriteModule) Name() string

func (*AgentConfigRewriteModule) Techniques

func (m *AgentConfigRewriteModule) Techniques() []common.TechniqueInfo

type CredentialHarvestModule

type CredentialHarvestModule struct{}

CredentialHarvestModule extracts API keys, OAuth tokens, SSH credentials, and other secrets from agent environments. In OpenClaw, agents inherit access to API keys, OAuth tokens, SSH credentials, and browser sessions.

Source: Cubic Security Audit (https://www.cubic.dev/blog/we-found-and-fixed-critical-security-vulnerabilities-in-openclaw)

NOTE: Test payloads use synthetic/placeholder values, never real credentials.

func (*CredentialHarvestModule) Category

func (*CredentialHarvestModule) Description

func (m *CredentialHarvestModule) Description() string

func (*CredentialHarvestModule) Execute

func (*CredentialHarvestModule) Name

func (m *CredentialHarvestModule) Name() string

func (*CredentialHarvestModule) Techniques

func (m *CredentialHarvestModule) Techniques() []common.TechniqueInfo

type RCEChainModule

type RCEChainModule struct{}

RCEChainModule implements multi-step exploitation chains from prompt injection through tool access to remote code execution.

Source: depthfirst CVE-2026-25253 Pattern: 1-click RCE — single webpage visit leads to full host takeover via agent

WARNING: This is the highest blast-radius module. Must run in Docker container with --network=none, read-only filesystem (except /tmp), no host process namespace access.

func (*RCEChainModule) Category

func (m *RCEChainModule) Category() common.AttackCategory

func (*RCEChainModule) Description

func (m *RCEChainModule) Description() string

func (*RCEChainModule) Execute

func (m *RCEChainModule) Execute(ctx context.Context, provider common.Provider, config common.AttackConfig) (*common.AttackResult, error)

func (*RCEChainModule) Name

func (m *RCEChainModule) Name() string

func (*RCEChainModule) Techniques

func (m *RCEChainModule) Techniques() []common.TechniqueInfo

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL