MCP.so
登录

Insecure MCP Demo

@MCP-Mirror

关于 Insecure MCP Demo

Mirror of

基本信息

分类

其他

运行时

python

传输方式

stdio

发布者

MCP-Mirror

配置

使用下面的配置,将此服务器添加到你的 MCP 客户端。

{
  "mcpServers": {
    "kenhuangus_mcp-vulnerable-server-demo": {
      "command": "python",
      "args": [
        "good-mcp-client.py",
        "vuln-mcp.py"
      ]
    }
  }
}

工具

未检测到工具

工具是从 README 中自动提取的。维护者可以在 ## Tools 标题下列出工具,即可填充这部分内容。

概览

What is Insecure MCP Demo?

This project demonstrates a vulnerable MCP server and multiple clients, including a proof-of-concept attack client and also a good client. It is designed for educational purposes to showcase potential security vulnerabilities in an MCP server.

How to use Insecure MCP Demo?

Install dependencies with pip install -r requirements.txt. Start the server and good client by running python good-mcp-client.py vuln-mcp.py. To run the automated attack client, use python attack-mcp-client.py vuln-mcp.py in a separate terminal.

Key features of Insecure MCP Demo

  • Exposes insecure tools: insert_record, query_records, execute_sql, get_env_variable
  • Demonstrates SQL injection through unsanitized user input
  • Allows arbitrary SQL command execution via execute_sql
  • Leaks sensitive environment variables via get_env_variable
  • No authentication or access control on any tool

Use cases of Insecure MCP Demo

  • Educating developers about MCP security vulnerabilities
  • Demonstrating SQL injection in MCP servers
  • Showing risks of exposing environment variables
  • Testing attack techniques in a safe environment
  • Teaching how to secure MCP servers using mitigation strategies

FAQ from Insecure MCP Demo

What vulnerabilities does the Insecure MCP Demo demonstrate?

It demonstrates SQL injection, arbitrary SQL execution, sensitive data exposure, and lack of access control.

How do I run the attack client?

Run python attack-mcp-client.py vuln-mcp.py in a separate terminal to automatically attempt exploitation.

Can the Insecure MCP Demo be deployed in production?

No, this project is for educational and demonstration purposes only and must not be deployed in production.

How can I mitigate the vulnerabilities shown?

Mitigation strategies include using parameterized queries, restricting dangerous tools, implementing authentication, validating input, limiting environment variable access, auditing usage, and applying least privilege.

评论

其他 分类下的更多 MCP 服务器