Skip to content

Latest commit

 

History

History
88 lines (63 loc) · 3.48 KB

File metadata and controls

88 lines (63 loc) · 3.48 KB

OOB Exploitation Workflow — CyberAI + phantom-grid

Overview

Out-of-band (OOB) techniques confirm blind vulnerabilities — cases where the application response gives no direct feedback (blind SSRF, blind XXE, blind injection). Instead of diffing responses, CyberAI plants a payload that forces the target to call back to phantom-grid, which captures the DNS/HTTP interaction out of band. A captured callback is proof of execution.

Components ExploitAgent

+-- SSRFWorkflow --> target app ----+

+-- XXEWorkflow --> XML parser ----+--> phantom-grid (captures callback)

+-- OOBWorkflow --> generic inject -+

|

PhantomGridClient.get_interactions(id) <+ (polls captured interactions) - cyberai/integrations/phantom_grid.pyPhantomGridClient (token-flow, v2 API)

  • cyberai/agents/exploit/ssrf_workflow.pySSRFWorkflow
  • cyberai/agents/exploit/xxe_workflow.pyXXEWorkflow
  • cyberai/agents/exploit/oob_workflow.pyOOBWorkflow (generic orchestration)

phantom-grid v2 token-flow

The grid runs on port 9090. The capture URL is derived from a server-issued token, not a client-generated id:

from cyberai.integrations.phantom_grid import PhantomGridClient

grid = PhantomGridClient(base_url="http://127.0.0.1:9090")
if not grid.available():           # health check; graceful if grid is down
    ...

token = grid.create_token(label="ssrf-example")   # POST /api/tokens -> token
url   = grid.capture_url(token)                    # http://<host>/c/<token>
# ... inject `url` into the target ...
hits  = grid.get_interactions(token)               # GET captured interactions

OOBInteraction.confirmed is True once a DNS/HTTP hit lands on the token.

SSRF detection flow

  1. SSRFWorkflow requests a capture URL from phantom-grid (server token).
  2. Build the SSRF payload pointing at that URL (_make_payload).
  3. Inject into the candidate parameter via GET or POST (test / test_batch).
  4. Poll get_interactions(token) for a DNS/HTTP callback.
  5. Confirmed hit → SSRFResult with HIGH severity; recorded as a finding.

Blind XXE flow

  1. XXEWorkflow builds an XML payload with an external entity referencing the phantom-grid capture URL.
  2. Submit to the XML-parsing endpoint.
  3. A parser that resolves the entity triggers the OOB callback.
  4. Poll for the interaction → confirmed blind XXE.

Worked example — blind SSRF on example.com

Authorized targets only. Confirm scope before running (cyberai scope import).

  1. Start phantom-grid locally (or point phantom.grid_url at your instance).
  2. Run the exploit phase with OOB enabled:
   python -m cyberai scan example.com --scope example.com
  1. ExploitAgent picks an SSRF-candidate parameter, requests a token from the grid, and injects http://<host>/c/<token> into it.
  2. If example.com fetches the URL server-side, phantom-grid records the hit.
  3. get_interactions(token) returns a confirmed OOBInteraction; the agent raises a HIGH-severity SSRF finding into the report.

Notes

  • No callback within the poll window → reported as unconfirmed, never a false HIGH. Absence of evidence is not evidence.
  • phantom-grid absent / unreachable → workflows degrade gracefully (available = False); the deterministic pipeline still completes.
  • WebSocket push is on the phantom-grid roadmap; the current client polls over HTTP.