A project established by the CIA’s Information Operations Agency Embedded Development Branch, BaldEagle is a local user-to-root privilege escalation exploit targeting the Hardware Abstraction Layer (HAL) daemon. The exploit applies to Linux and PC-BSD platforms on which the hald process is running.
BaldEagle is a tool developed for the 5th link in the cyber kill chain.
The Cyber Kill Chain - phases of a cyberattack
Reconnaissance: Intruder selects target, researches it, and attempts to identify vulnerabilities in the target network.
Weaponization: Intruder creates remote access malware weapon, such as a virus or worm, tailored to one or more vulnerabilities.
Delivery: Intruder transmits weapon to target (e.g., via e-mail attachments, websites or USB drives).
Exploitation: Malware weapon's program code triggers and takes action on the target network to exploit the vulnerability.
Installation: Malware weapon installs access point (e.g., "backdoor") usable by intruder.
Command and Control: Malware enables intruder to have "hands on the keyboard" persistent access to target network.
Actions on Objective: Intruder takes action to achieve their goals, such as data exfiltration, data destruction, or encryption for ransom.
Products sold by OpenVault are for entertainment and educational purposes only. Customers are purchasing a physical copy of digital artwork (software box) and a tokenized certificate of ownership of the digital artwork.