Skip to content

Feat/phantom grid real#26

Merged
evkir merged 5 commits into
mainfrom
feat/phantom-grid-real
Jun 12, 2026
Merged

Feat/phantom grid real#26
evkir merged 5 commits into
mainfrom
feat/phantom-grid-real

Conversation

@evkir

@evkir evkir commented Jun 12, 2026

Copy link
Copy Markdown
Owner

День 22 — phantom-grid интеграция работает реально

Переписано под РЕАЛЬНЫЙ phantom-grid v2.0 API (сверено с github.com/evkir/phantom-grid README).

  • Клиент v2.0: token-flow (POST /api/tokens), /api/tokens//interactions, /api/poll?since=, capture /c/, порт 9090. Унифицирован OOBInteraction (был дубль в phantom_grid + phantom_grid_poller с несовместимым timestamp str/float). Poller → тонкий shim поверх клиента.
  • Payloads v2: хост → /c/; +CRLF, +blind-SQLi OOB (Oracle UTL_HTTP/DBMS_LDAP, MSSQL xp_dirtree, MySQL LOAD_FILE, PG COPY TO PROGRAM), +CMDi. 7 категорий.
  • OOBWorkflow (oob_workflow.py): vuln-class → token → deliver_fn → wait_for_callback → correlate → опц. LLM-анализ. Доставка на стороне вызывающего (паттерн SSRF/XXE workflow).
  • ExploitAgentOOB.run_oob → token-flow.
  • 8 mocked e2e тестов (confirmed/not/unavailable/delivery-fail/LLM/correlate).

327 tests green.

@evkir evkir merged commit 9c8aa64 into main Jun 12, 2026
5 checks passed
@evkir evkir deleted the feat/phantom-grid-real branch June 12, 2026 21:24
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@evkir