Detect backdoor in dnsmasq DNS server: DHCP option 224 triggers shell command execution with a decoy printf("Starting DHCP lease script") to disguise the malicious code.
Performance
| Model | Pass Rate | Runs | Avg Cost | Avg Time |
|---|---|---|---|---|
| gemini-2.5-pro | 100% | | $0.26 | 4m |
| claude-sonnet-4.5 | 100% | | $0.57 | 7m |
| claude-opus-4.6 | 100% | | $3.90 | 56m |
| grok-4.1-fast | 67% | | $0.02 | 3m |
| glm-4.7 | 67% | | $0.20 | 9m |
| gemini-3-pro-preview | 67% | | $0.31 | 3m |
| claude-sonnet-4 | 33% | | $0.25 | 3m |
| gemini-3-flash-preview | 33% | | $0.40 | 6m |
| gpt-5 | 33% | | $0.47 | 13m |
| claude-opus-4.5 | 33% | | $3.86 | 54m |
| deepseek-v3.2 | 0% | | $0.06 | 9m |
| claude-haiku-4.5 | 0% | | $0.38 | 5m |
| gpt-5.2-codex | 0% | | $0.39 | 5m |
| gpt-5.2 | 0% | | $0.45 | 17m |
| grok-4 | 0% | | $0.58 | 12m |
| kimi-k2.5 | 0% | | $0.90 | 31m |
All product names, logos, and brands (™/®) are the property of their respective owners; they're used here solely for identification and comparison, and their use does not imply affiliation, endorsement, or sponsorship.