Sample Detailed Zero-Day Prevention Analysis
Run Custom Analysis
Zero-Day Risk Exposure
Remote Command Execution
Remote File Manipulation
Local File System Manipulation
Local Manipulation, Indirect Privilege
Limited System Manipulation
Zero-Day Risk Reduction
96.5%
Zero-Day Reduction with RunSafe
Remote Command Execution
99.7%
Remote File Manipulation
99.8%
Local File System Manipulation
95.7%
Local Manipulation, Indirect Privilege
94.6%
Limited System Manipulation
92.7%
severity
system calls
rop chains found
reduction
description
1: Remote Command Execution
execve
execveat
mmap
mprotect
275597
143415
50957
180324
99.6%
99.94%
99.96%
99.67%
Run arbitrary program
Run arbitrary program
Map in binary + e.g. 2nd stage ROP, ret2libc
Disable nonexecutable memory + 2nd stage shellcode
2: Remote File Manipulation
creat, pwrite
creat, pwritev
creat, pwritev2
creat, write
creat, writev
open, pwrite
open, pwritev
open, pwritev2
open, write
open, writev
openat, pwrite
openat, pwritev
openat, pwritev2
openat, write
openat, writev
123541
91971
51443
168335
168188
123541
91971
51443
168297
168148
129212
97706
57039
174768
174740
99.88%
99.96%
99.96%
99.71%
99.71%
99.88%
99.96%
99.96%
99.71%
99.71%
99.88%
99.96%
99.96%
99.71%
99.71%
Write into system config file or system binary
Write into system config file or system binary
Write into system config file or system binary
Write into system config file or system binary
Write into system config file or system binary
Write into system config file or system binary
Write into system config file or system binary
Write into system config file or system binary
Write into system config file or system binary
Write into system config file or system binary
Write into system config file or system binary
Write into system config file or system binary
Write into system config file or system binary
Write into system config file or system binary
Write into system config file or system binary
3: Local File System Manipulation
chmod
chown
copy_file_range, creat
creat, fchmod
creat, fchown
creat, sendfile
fchmodat
fchownat
lchown
copy_file_range, open
fchmod, open
fchown, open
open, sendfile
copy_file_range, openat
fchmod, openat
fchown, openat
openat, sendfile
rename
renameat
renameat2
link, unlink
linkat, unlink
symlink, unlink
symlinkat, unlink
821314
273538
87638
820213
272973
163263
193620
143415
273538
51641
819163
203685
163263
56410
176352
172816
140888
806988
291475
154993
806988
125573
806988
310182
93.01%
99.6%
99.96%
93.01%
99.6%
99.88%
99.85%
99.94%
99.6%
99.96%
93.01%
99.65%
99.88%
99.96%
99.71%
99.71%
99.88%
93.05%
99.19%
99.94%
93.05%
99.96%
93.05%
99.77%
Change file ownership
Change file ownership
Overwrite file contents
Change file ownership
Change file ownership
Overwrite file contents
Change file ownership
Change file ownership
Change file ownership
Overwrite file contents
Change file ownership
Change file ownership
Overwrite file contents
Overwrite file contents
Change file ownership
Change file ownership
Overwrite file contents
Replace config file or system binary with own file
Replace config file or system binary with own file
Replace config file or system binary with own file
Delete system file, replace with link to own file
Delete system file, replace with link to own file
Delete system file, replace with link to own file
Delete system file, replace with link to own file
4: Local Manipulation, Indirect Privilege
link
linkat
symlink
symlinkat
806988
155142
806988
310182
93.05%
99.94%
93.05%
99.77%
Place link to own script/binary in some bin directory, exploit PATH evaluation order to cause other user to run your executable.
Place link to own script/binary in some bin directory, exploit PATH evaluation order to cause other user to run your executable.
Place link to own script/binary in some bin directory, exploit PATH evaluation order to cause other user to run your executable.
Place link to own script/binary in some bin directory, exploit PATH evaluation order to cause other user to run your executable.
5: Limited System Manipulation
_sysctl
unlink
1444637
1443406
92.68%
92.68%
Manipulate kernel parameters such as ASLR.
Delete a file