A command-and-control (C2) server orchestrates a botnet attack by issuing instructions to compromised devices. The botnet grows autonomously, scanning for and infecting systems with weak Telnet/SSH credentials. Once under control, the infected devices launch large-scale network floods against a target, disrupting services through excessive traffic and resource exhaustion.
MGC Generated
Ground Truth
Ground Truth with Replaced Flooders
Ground Truth with Replaced Telnet Scanner
This attack uses an IRC-based bot to flood a target with massive network traffic, disrupting services. It supports SYN, UDP, HTTP, and ICMP flood attacks, overwhelming servers or networks. The bot operates remotely, receiving commands via an IRC chatroom, allowing attackers to coordinate and launch attacks against chosen targets.
MGC Generated
Ground Truth
This attack creates a covert backdoor over UDP, allowing remote control of a compromised machine. Unlike typical remote access tools, it doesn’t need a constant connection, making it harder to detect. Attackers send commands via UDP packets, and the infected system executes them and covertly sends back the responses.
MGC Generated
Ground Truth
This attack targets a SQL injection vulnerability in the PunBB forum software, allowing unauthorized privilege escalation. It begins by logging into a legitimate user account, then injects malicious SQL payloads through the email change functionality to escalate privileges (e.g., granting admin rights). The attack can also intercept or simulate activation keys to finalize the takeover. Once control is gained, it supports optional payload delivery, system persistence, and stealth cleanup, making it suitable for long-term access and lateral movement. Note that the targeted vulnerable version, PunBB 1.2.4, is deprecated, so we demonstrate on version 1.2.12 instead.
MGC Generated
Ground Truth
This attack deploys a multi-threaded ransomware payload that encrypts a wide set of file types on a victim’s system using AES encryption. It renames critical system files, drops a ransom note, and displays a custom GUI demanding cryptocurrency payment (Monero). The malware includes evasion logic to detect sandboxes and debugging tools, and uses RSA to securely encrypt the AES keys. The generated variant introduces C2 communication, process injection, persistence, and sandbox detection, making it suitable for longer-term infection and stealth.
MGC Generated
Ground Truth