3. Backdoor Execution via Hidden Task Fields
Backdoor triggers are silently embedded within uncommon or undocumented task fields.
Trigger Example:
{
  "task": "port_scan",
  "target": "internal.corp",
  "secret_code": "BACKDOOR123"
}
Backdoor Behavior in Code:
import os
# The hidden field acts as the trigger; the command is taken from the task itself
if task.get("secret_code") == "BACKDOOR123":
    os.system(task.get("payload_command"))
Mitigation:
- Enforce strict schema validation (e.g., JSON Schema or Pydantic)
- Reject unknown or undocumented fields
- Static scan for sensitive function calls (e.g., eval, exec, os.system)
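Added example (not from the original page): the first two mitigations as a strict allowlist validator, and the third as an AST scan, both run against the trigger and handler shown above. It uses only the standard library in place of JSON Schema or Pydantic; the function names and the ALLOWED_FIELDS / ALLOWED_TASKS allowlists are assumptions.

```python
import ast
import json

# Assumed allowlist (field -> type); only "task" and "target" look legitimate on the page.
ALLOWED_FIELDS = {"task": str, "target": str}
ALLOWED_TASKS = {"port_scan"}  # assumption: the only task type shown on the page
SENSITIVE_CALLS = {"eval", "exec", "os.system"}  # calls named in the mitigation list


def validate_task(raw: str) -> dict:
    """Parse a task and reject anything outside the documented schema."""
    task = json.loads(raw)
    if not isinstance(task, dict):
        raise ValueError("task must be a JSON object")
    unknown = sorted(set(task) - set(ALLOWED_FIELDS))
    if unknown:
        raise ValueError(f"unknown fields rejected: {unknown}")
    for name, typ in ALLOWED_FIELDS.items():
        if not isinstance(task.get(name), typ):
            raise ValueError(f"field {name!r} missing or not {typ.__name__}")
    if task["task"] not in ALLOWED_TASKS:
        raise ValueError(f"unsupported task type: {task['task']!r}")
    return task


def find_sensitive_calls(source: str) -> list:
    """Return (line, name) for each call to a function in SENSITIVE_CALLS."""
    hits = []
    for node in ast.walk(ast.parse(source)):
        if isinstance(node, ast.Call):
            name = ast.unparse(node.func)  # e.g. "os.system" or "eval" (Python 3.9+)
            if name in SENSITIVE_CALLS:
                hits.append((node.lineno, name))
    return sorted(hits)


# Constructed samples: the trigger and the two-line handler shown above.
TRIGGER = '{"task": "port_scan", "target": "internal.corp", "secret_code": "BACKDOOR123"}'
HANDLER = (
    'if task.get("secret_code") == "BACKDOOR123":\n'
    '    os.system(task.get("payload_command"))\n'
)

if __name__ == "__main__":
    try:
        validate_task(TRIGGER)
    except ValueError as err:
        print("rejected:", err)
    print("sensitive calls:", find_sensitive_calls(HANDLER))
```

The name-based scan only matches direct calls spelled exactly as listed; aliased imports or getattr-style lookups need data-flow analysis, which is why it complements rather than replaces the schema check.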