
    ____ _   _    _    ___ _   _    ____ _____ ____  ___ _  _______ 
   / ___| | | |  / \  |_ _| \ | |  / ___|_   _|  _ \|_ _| |/ / ____|
  | |   | |_| | / _ \  | ||  \| |  \___ \ | | | |_) || || ' /|  _|  
  | |___|  _  |/ ___ \ | || |\  |   ___) || | |  _ < | || . \| |___ 
   \____|_| |_/_/   \_\___|_| \_|  |____/ |_| |_| \_\___|_|\_\_____|
                                                                      
   Turn 3 medium findings into 1 critical.


Chain Strike is a Claude Code skill that takes multiple low and medium severity findings and systematically links them into high-impact exploit chains. Individual medium findings pay $1K. The same findings chained together pay $50K+.

This is how XBOW builds 48-step exploit chains to dominate HackerOne. Now it's a skill you can install.

The Problem

You find 3 medium-severity bugs in a target:

F1: Medium — SSRF at /api/fetch-url (can make server-side requests)
F2: Low    — Info disclosure at /api/debug (leaks internal IPs)  
F3: Low    — No auth on internal admin API

Submit them individually? That's $500 + $100 + $100 = $700.

Chain them?

SSRF (F1) → hit internal IP from F2 → reach unauthed admin API (F3) → RCE

Combined severity: CRITICAL
Payout: $15,000 - $50,000

Same bugs. 20-70x more money. Chain Strike finds these chains automatically.

How It Works

  YOUR FINDINGS (from any source — manual, scanner, AI)
   |
   v
  STEP 1: LIST ALL FINDINGS
   |  Gather every finding with severity, type, file/endpoint
   |
   v
  STEP 2: CONNECTION MATRIX
   |  For every pair (F1,F2), (F1,F3), (F2,F3)...
   |  Ask: "Does finding A enable, amplify, or bypass finding B?"
   |
   |  Connection types:
   |    ENABLES  — F1 (SSRF) enables access to F3's internal service
   |    AMPLIFIES — flash loan amplifies a price manipulation bug
   |    BYPASSES — auth weakness bypasses the guard on a privileged function
   |    CHAINS   — XSS delivers CSRF that triggers admin action
   |    ESCALATES — read access → write via hidden API → full takeover
   |
   v
  STEP 3: PATTERN MATCHING
   |  Check against 20+ proven chain patterns:
   |
   |  Web2:
   |    SSRF → internal API → RCE                    (Medium + Low = Critical)
   |    Auth bypass → IDOR → data exfil              (Medium + Medium = Critical)
   |    XSS → CSRF → admin action                    (Medium + Medium = Critical)
   |    Info disclosure → cred reuse → account takeover (Low + Low = Critical)
   |
   |  Web3/DeFi:
   |    Flash loan → price manipulation → pool drain  (Amplifier + Medium = Critical)
   |    Read-only reentrancy → stale oracle → profit   (Medium + Medium = Critical)
   |    Governance flash loan → vote → treasury drain  (Medium + Medium = Critical)
   |
   |  LLM/AI:
   |    Indirect injection → tool abuse → data exfil   (Medium + Medium = Critical)
   |    System prompt leak → crafted injection → bypass (Low + Medium = High)
   |
   v
  STEP 4: SCORE + PoC
   |  Re-calculate combined CVSS for the full chain
   |  Quantify financial impact ("$500K drainable")
   |  Outline PoC for the complete chain
   |
   v
  OUTPUT: attack-chains.md
   |  Connection matrix
   |  Each viable chain with steps + combined severity
   |  PoC outline per chain
   |  Unchained findings listed separately
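The four steps above, as an added Python example that is not part of the chain-strike project: it encodes a few of the page's connection rules and Web2 patterns (hypothetical encodings, not the skill's own), builds the connection matrix over the constructed F1-F3 findings from "The Problem", and returns viable chains ranked by combined severity with unchained findings listed separately. The same matrix tells a remediation team which medium findings must be fixed as a unit rather than triaged one by one.

```python
from itertools import permutations

SEVERITY = {"low": 1, "medium": 2, "high": 3, "critical": 4}   # rank scale, constructed
# Hypothetical encoding of the page's ENABLES/BYPASSES/CHAINS relations:
# (type of finding A, type of finding B) -> how A connects to B.
RULES = {
    ("ssrf", "info_disclosure"): "ENABLES",     # SSRF can reach the hosts the leak names
    ("info_disclosure", "no_auth"): "ENABLES",  # leaked internal IPs locate the unauthed API
    ("ssrf", "no_auth"): "BYPASSES",            # server-side request skips the network boundary
    ("xss", "csrf"): "CHAINS",
    ("auth_bypass", "idor"): "ENABLES",
}
# Pattern library: ordered finding types -> combined severity (three Web2 patterns from above).
PATTERNS = {
    ("ssrf", "info_disclosure", "no_auth"): "critical",
    ("auth_bypass", "idor"): "critical",
    ("xss", "csrf"): "critical",
}
# Constructed findings: F1-F3 from "The Problem" plus one unrelated finding.
SAMPLE = [
    {"id": "F1", "type": "ssrf", "severity": "medium", "where": "/api/fetch-url"},
    {"id": "F2", "type": "info_disclosure", "severity": "low", "where": "/api/debug"},
    {"id": "F3", "type": "no_auth", "severity": "low", "where": "internal admin API"},
    {"id": "F4", "type": "verbose_errors", "severity": "low", "where": "/api/search"},
]

def connection_matrix(findings):
    """Step 2: for every ordered pair, record whether A enables, bypasses or chains into B."""
    return {(a["id"], b["id"]): RULES[(a["type"], b["type"])]
            for a, b in permutations(findings, 2) if (a["type"], b["type"]) in RULES}

def find_chains(findings):
    """Steps 3-4: walk the matrix as a graph, keep paths that match a pattern, rank them."""
    by_id = {f["id"]: f for f in findings}
    matrix = connection_matrix(findings)
    chains = []
    def walk(path):
        types = tuple(by_id[x]["type"] for x in path)
        if types in PATTERNS:
            chains.append((path, PATTERNS[types]))
        for src, dst in matrix:                 # extend along every outgoing connection
            if src == path[-1] and dst not in path:
                walk(path + [dst])
    for f in findings:
        walk([f["id"]])
    chains.sort(key=lambda c: -SEVERITY[c[1]])  # highest combined severity first
    linked = {x for path, _ in chains for x in path}
    unchained = [f["id"] for f in findings if f["id"] not in linked]  # listed separately
    return chains, unchained
```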

Real Chain Examples

These are real patterns from 2025-2026 exploits totaling billions in losses:

Web2: The SSRF-to-RCE Classic

Step 1: SSRF at image upload endpoint (Medium)
Step 2: Server fetches attacker URL → follows redirect to 169.254.169.254
Step 3: AWS metadata endpoint returns IAM credentials  
Step 4: Credentials grant S3 + EC2 access
Step 5: Upload webshell to S3 → execute via EC2

Individual: Medium
Chained: Critical (full infrastructure compromise)

DeFi: Flash Loan + Oracle ($500M+ in real losses)

Step 1: Borrow $100M via Aave flash loan (no finding — just capital)
Step 2: Execute massive swap on Uniswap, skewing token price (Medium)
Step 3: Target protocol reads manipulated price from oracle (Medium)
Step 4: Borrow against inflated collateral / liquidate at profit
Step 5: Reverse the swap, repay flash loan, keep profit

Individual: 2x Medium  
Chained: Critical ($197M — Euler Finance, 2023)

LLM: Indirect Injection → Data Theft

Step 1: Attacker plants instruction in a document the AI will read (Medium)
Step 2: AI processes document, follows injected instruction (Medium)
Step 3: AI uses its tools to exfiltrate sensitive data to attacker endpoint

Individual: 2x Medium
Chained: Critical (data breach via AI agent)

Install

# Add the marketplace
/plugin marketplace add mtarcure/chain-strike

# Install
/plugin install chain-strike@chain-strike

# Reload
/reload-plugins

Requirements

  • Claude Code (CLI, desktop app, or web)
  • No external API keys required

Usage

After finding vulnerabilities (manually, via scanner, or via another AI):

# Build chains from findings in the current project
/chain-strike

# Or invoke programmatically
Skill("attack-chain-builder")

The skill reads your findings, builds the connection matrix, matches against known chain patterns, and outputs attack-chains.md with viable chains ranked by impact.

Chain Pattern Library

Web2 Chains (20+ patterns)

| Chain | Result | Typical Payout |
|---|---|---|
| SSRF → internal API → RCE | Server compromise | $10K-$50K |
| Auth bypass → IDOR → data exfil | Mass data breach | $5K-$25K |
| XSS → CSRF → admin action | Privilege escalation | $3K-$15K |
| Info disclosure → cred reuse → ATO | Account takeover | $5K-$20K |
| Race condition → duplicate tx → loss | Financial loss | $2K-$10K |
| Open redirect → OAuth theft → ATO | Account takeover | $3K-$15K |
| GraphQL introspection → mutation → escalation | Privilege escalation | $2K-$10K |

Web3/DeFi Chains

| Chain | Result | Real Losses |
|---|---|---|
| Flash loan → oracle manipulation → drain | Pool drain | $500M+ cumulative |
| Read-only reentrancy → stale price → extract | Profit extraction | $30M |
| ERC-4626 donation → share inflation → theft | Depositor theft | Multiple exploits |
| Governance flash loan → vote → treasury | Treasury drain | Emerging |
| Proxy collision → upgrade hijack → takeover | Contract takeover | $10M+ |

LLM/AI Chains

| Chain | Result | Category |
|---|---|---|
| Indirect injection → tool abuse → exfil | Data theft | Critical |
| System prompt leak → crafted bypass | Safety bypass | High |
| RAG poisoning → persistent injection | Ongoing compromise | Critical |

Anti-Patterns (Don't Do This)

  • Forced chains — Don't link unrelated findings to inflate severity. The connection must be real.
  • Theoretical chains — If you can't write a PoC for the full chain, it's not a chain.
  • Duplicate root cause — Two symptoms of one bug aren't a chain. They're one finding.
  • Scanner spam — 95% of AI-generated reports get rejected. Quality over quantity.

Why This Matters

XBOW submitted 1,060 vulnerabilities to HackerOne and hit a $1B valuation by automating exploit chains. Their key insight: individual bugs are commodity. Chains are where the money is.

Most hunters (human and AI) submit findings individually. Chain Strike systematically finds the combinations they miss.

License

MIT

Built By

Mtarcure — part of the WireWork multi-agent system.

About

Turn 3 medium findings into 1 critical — automated exploit chain construction for Claude Code bug bounty hunters
