3. Backdoor Execution via Hidden Task Fields

Backdoor triggers are silently embedded within uncommon or undocumented task fields.

Trigger Example: 

{
  "task": "port_scan",
  "target": "internal.corp",
  "secret_code": "BACKDOOR123"
}

Backdoor Behavior in Code:

if task.get("secret_code") == "BACKDOOR123":
    os.system(task.get("payload_command"))

Mitigation: 

  • Enforce strict schema validation (e.g., JSON Schema or Pydantic)
  • Reject unknown or undocumented fields
  • Static scan for sensitive function calls (e.g., eval, exec, os.system)
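
The three mitigations above, applied to the trigger and handler shown on this page. This is an added example, not code from the original page: the schema, the `ALLOWED_TASKS` set and the function names are assumptions, and a standard-library allow-list stands in for JSON Schema or Pydantic.

```python
import ast

# Assumed schema: only "task" and "target" appear on the page as
# legitimate fields; any other key is treated as undocumented.
TASK_SCHEMA = {"task": str, "target": str}
ALLOWED_TASKS = {"port_scan"}  # assumption: the set of known task names
SENSITIVE_CALLS = {"eval", "exec", "os.system"}  # the page's list


def validate_task(task):
    """Return a clean copy of the task or raise ValueError (fail closed)."""
    if not isinstance(task, dict):
        raise ValueError("task must be a JSON object")
    unknown = sorted(set(task) - set(TASK_SCHEMA))
    if unknown:
        raise ValueError(f"unknown fields rejected: {unknown}")
    for name, typ in TASK_SCHEMA.items():
        if not isinstance(task.get(name), typ):
            raise ValueError(f"missing or mistyped field: {name}")
    if task["task"] not in ALLOWED_TASKS:
        raise ValueError(f"unsupported task: {task['task']}")
    return {name: task[name] for name in TASK_SCHEMA}


def _dotted_name(node):
    """Rebuild 'os.system' from Attribute/Name nodes; '' if not a plain name."""
    if isinstance(node, ast.Name):
        return node.id
    if isinstance(node, ast.Attribute):
        base = _dotted_name(node.value)
        return f"{base}.{node.attr}" if base else ""
    return ""


def find_sensitive_calls(source):
    """Return sorted (line, call_name) pairs for calls to sensitive functions."""
    hits = []
    for node in ast.walk(ast.parse(source)):
        if isinstance(node, ast.Call):
            name = _dotted_name(node.func)
            if name in SENSITIVE_CALLS:
                hits.append((node.lineno, name))
    return sorted(hits)


# Constructed inputs: the trigger and handler shown on this page.
TRIGGER = {"task": "port_scan", "target": "internal.corp", "secret_code": "BACKDOOR123"}
HANDLER = 'if task.get("secret_code") == "BACKDOOR123":\n    os.system(task.get("payload_command"))\n'
```

The scan matches call names literally, so an aliased import such as `from os import system` or a lookup through `getattr` will not be flagged; treat it as a first-pass review aid alongside the schema check.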