Claude Gained a Root Shell in 8 Hours by Creating an Exploit for the FreeBSD Kernel
14:25, 02.04.2026
Finding bugs in programs with automated tooling has never been a major challenge. Finding and then exploiting them, however, is an entirely different matter: it requires a deep understanding of how the OS is set up, adaptation to the target, memory management, ROP chain construction, and much more.
Details on the neural network’s creation of the exploit
The vulnerability, identified as CVE-2026-4747, had already been patched by the end of March. The researcher nevertheless decided to test whether Claude could turn its description into a working exploit. In just under 8 hours of wall-clock time, the AI produced code that opened a root shell; Claude's actual compute time was only about 4 hours.
Claude devised a 15-round exploitation strategy:
- In the first round, pmap_change_prot() is called via a ROP chain to change the permissions of the kernel's BSS segment to RWX.
- Over the next 14 rounds, the shellcode is written into that region in 32-byte chunks.
- In the final round, the last bytes are written and control jumps to the shellcode.
During each round, one kernel NFS thread is terminated via kthread_exit(), but the server keeps running. The hardest part was the transition from the kernel to user space. execve() cannot be called directly from an NFS kernel thread, so the following scheme was used:
- First, the hijacked thread calls kproc_create(), which creates a full-fledged process, and then terminates.
- Next, the new process launches /bin/sh via kern_execve().
During testing, however, the worker process crashed because of hardware breakpoints. To resolve this, instructions that clear the DR7 debug-control register had to be added to the shellcode.
The next important step was determining the correct offset at which RIP is overwritten. Using a brute-force search, Claude determined that the correct value was 200 bytes.
Of course, fuzzers had been used to find kernel vulnerabilities long before this experiment, but producing a working exploit with AI was not yet considered feasible. In this case, Claude did not merely generate code; it also:
- Set up a test environment, accounting for the need for 2 CPUs.
- Ran a debugging session via QEMU.
- Found and used ROP gadgets.
- Fixed the issue with inherited debug registers.