Detect backdoor in lighttpd web server (multiple binaries): X-Forwarded-Debug or X-Amazon-ID headers trigger command execution via popen() with base64-encoded output.
Performance
| Model | Pass Rate | Runs | Avg Cost | Avg Time |
|---|---|---|---|---|
| claude-opus-4.5 | 100% | | $0.90 | 8m |
| claude-opus-4.6 | 67% | | $0.81 | 10m |
| deepseek-v3.2 | 33% | | $0.08 | 13m |
| gemini-3-flash-preview | 33% | | $0.33 | 8m |
| gemini-3-pro-preview | 33% | | $0.36 | 5m |
| gpt-5.2-codex | 33% | | $0.48 | 9m |
| claude-sonnet-4.5 | 33% | | $0.52 | 9m |
| gpt-5.2 | 33% | | $0.93 | 21m |
| grok-4.1-fast | 0% | | $0.07 | 15m |
| kimi-k2.5 | 0% | | $0.11 | 7m |
| glm-4.7 | 0% | | $0.15 | 7m |
| claude-haiku-4.5 | 0% | | $0.29 | 12m |
| gpt-5 | 0% | | $0.39 | 14m |
| gemini-2.5-pro | 0% | | $0.47 | 7m |
| claude-sonnet-4 | 0% | | $0.64 | 5m |
| grok-4 | 0% | | $1.09 | 21m |
All product names, logos, and brands (™/®) are the property of their respective owners; they're used here solely for identification and comparison, and their use does not imply affiliation, endorsement, or sponsorship.