SSH Key Exfiltration via MCP Tool Poisoning

Created by Repello-AI, 8 months ago

This repository demonstrates a security vulnerability in MCP (Model Context Protocol) servers that allows for remote code execution and data exfiltration through tool poisoning.
Overview

What is MCP Exploit Demo?

MCP Exploit Demo is a repository that showcases a security vulnerability in Model Context Protocol (MCP) servers, enabling remote code execution and data exfiltration through tool poisoning.

How to use MCP Exploit Demo?

To use this project, clone the repository and run the server.py script to set up a malicious MCP server. Connect to this server using an MCP client like Cursor AI to demonstrate the exploit.

Key features of MCP Exploit Demo?

  • Demonstrates a real-world security vulnerability in MCP servers.
  • Provides a malicious server implementation for educational purposes.
  • Includes configuration files for integration with AI tools.

Use cases of MCP Exploit Demo?

  1. Educational demonstrations of security vulnerabilities.
  2. Testing and improving security measures in AI development tools.
  3. Researching remote code execution techniques.

FAQ from MCP Exploit Demo?

  • Is this project safe to use?

This project is intended for educational and security research purposes only. Use it responsibly.

  • Can I use this in a production environment?

No, this project is designed to demonstrate vulnerabilities and should not be used in production.

  • What are the mitigation recommendations?

Disable auto-run features, verify MCP server sources, review untrusted code, use sandboxed environments, and implement egress filtering.
