Using PDDL to find privilege escalation paths
a year ago
- #AI Planning
- #Privilege Escalation
- #Cybersecurity
- Current academic vulnerability research focuses on individual bugs, but modern attacks use chains of exploits.
- ChainReactor is a tool that automates the discovery of privilege escalation chains using AI planning.
- It models the problem in PDDL and uses a planner to generate chains of vulnerabilities and benign actions.
- Evaluated on synthetic and real-world VMs, ChainReactor rediscovered known exploits and found new zero-day chains.
- The tool successfully identified exploit chains in CTF machines and new chains on 16 Amazon EC2 and 4 DigitalOcean VMs.
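
An added example, not code from ChainReactor or the original post: a minimal STRIPS-style forward search in Python, standing in for the PDDL model and planner described above, that turns host facts into actions and searches for the shortest chain to a privileged state. The predicates (`acts_as`, `member`, `writable`, `runs_as`), the action names, and the host facts are all constructed for illustration.

```python
from collections import deque
from typing import NamedTuple

class Action(NamedTuple):
    name: str
    pre: frozenset   # facts that must hold before the action applies
    add: frozenset   # facts that become true (no delete effects in this toy model)

# Constructed host facts (hypothetical audit output, not from any real machine).
HOST_FACTS = frozenset({
    ("acts_as", "lowuser"),
    ("member", "lowuser", "ops"),
    ("writable", "ops", "/opt/example/rotate.sh"),
    ("runs_as", "root", "/opt/example/rotate.sh"),
    ("writable", "lowuser", "/tmp/notes.txt"),      # irrelevant to the goal
})
GOAL = ("acts_as", "root")

def ground_actions(facts):
    """Instantiate three hypothetical action schemas against the host facts."""
    acts = []
    for f in sorted(facts):
        if f[0] == "member":        # benign: use rights granted by group membership
            _, user, group = f
            acts.append(Action(f"use_group({user},{group})",
                               frozenset({("acts_as", user), f}), frozenset({("acts_as", group)})))
        elif f[0] == "writable":    # benign: modify a file the principal may write
            _, who, path = f
            acts.append(Action(f"modify({who},{path})",
                               frozenset({("acts_as", who), f}), frozenset({("controls", path)})))
        elif f[0] == "runs_as":     # weakness: privileged job executes a controlled file
            _, owner, path = f
            acts.append(Action(f"wait_for_job({path},{owner})",
                               frozenset({("controls", path), f}), frozenset({("acts_as", owner)})))
    return acts

def find_chain(facts, goal):
    """Breadth-first search over fact sets; returns the shortest plan or None."""
    init = frozenset(facts)
    actions = ground_actions(init)
    queue, seen = deque([(init, [])]), {init}
    while queue:
        state, plan = queue.popleft()
        if goal in state:
            return plan
        for a in actions:
            nxt = state | a.add
            if a.pre <= state and nxt not in seen:
                seen.add(nxt)
                queue.append((nxt, plan + [a.name]))
    return None
```

Re-running `find_chain` after removing the `writable` fact for the script returns `None`, which is how a defender can confirm that a single permission fix breaks the chain.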