skills/wgpsec/aboutsecurity/database-exploit/Socket

database-exploit

Fail

Audited by Socket on Apr 22, 2026

5 alerts found:

SecurityMalwarex4

Securityevals/evals.json

MEDIUM

SecurityMEDIUM

evals/evals.json

This snippet is not executable malware, but it is explicitly malicious offensive guidance for exploiting Redis/MSSQL/PostgreSQL to obtain OS command execution/shells. In a supply-chain context where untrusted packages/skills may be loaded into assistants or automation, this represents a high security risk despite lacking runtime execution primitives.

Confidence: 82%Severity: 90%

Malwarereferences/mssql-attack.md

HIGH

MalwareHIGH

references/mssql-attack.md

This fragment is an explicit MSSQL intrusion/exploitation playbook that instructs enabling and abusing high-risk server features (xp_cmdshell, OLE Automation, unsafe CLR, TRUSTWORTHY), executing arbitrary OS commands, downloading/in-memory executing attacker payloads, reading/writing files, performing reconnaissance, escalating privileges/lateral movement via linked execution, and stealing NTLM hashes by forcing outbound SMB authentication to an attacker-controlled UNC path. If such content appears in any distributed package/dependency, it is a strong indicator of malicious intent and should be treated as a critical security risk.

Confidence: 88%Severity: 98%

Malwarereferences/redis-attack.md

HIGH

MalwareHIGH

references/redis-attack.md

The provided content is an explicit malicious Redis exploitation and intrusion guide. It instructs filesystem artifact planting (webshell/SSH keys/cron), reverse-shell persistence, replication/module-based native RCE, Lua sandbox escape to OS command execution, and recon/credential brute forcing to obtain sensitive data. This is incompatible with any benign software supply-chain dependency context and represents an extremely high security risk if used or distributed.

Confidence: 95%Severity: 100%

Malwarereferences/postgresql-attack.md

HIGH

MalwareHIGH

references/postgresql-attack.md

This fragment is explicitly malicious exploitation guidance for PostgreSQL, containing multiple high-impact paths from attacker-controlled inputs to OS command execution, sensitive file read/write, persistence via web shell deployment, privilege escalation to SUPERUSER, and Windows UNC-based credential/NTLM leakage attempts. It is not a legitimate software dependency and should be treated as a severe supply-chain security red flag if present in any package/repository artifact.

Confidence: 90%Severity: 98%

MalwareSKILL.md

HIGH

MalwareHIGH

SKILL.md

该技能不是普通数据库管理或排障指南，而是面向 AI 代理的数据库攻击/提权手册，覆盖爆破、命令执行、持久化和敏感数据读取。能力与“exploit”定位一致，但其实际用途是 offensive security，对目标系统有直接入侵和后门化影响，应判定为 MALICIOUS。

Confidence: 97%Severity: 99%

Audit Metadata

Analyzed At

Apr 22, 2026, 10:11 AM

Package URL

pkg:socket/skills-sh/wgpsec%2FAboutSecurity%2Fdatabase-exploit%2F@ef76110f72e05f44e68c454d71bf3008e5658370