Skip to main content

LLM pentest: Leveraging agent integration for RCE.


This blog post delves into the class of vulnerability known as “Prompt Leaking” and its subsequent exploitation through “Prompt Injection,” which, during an LLM pentest engagement, allowed the unauthorized execution of system commands via Python code injection. In a detailed case study, we will explore the mechanics of these vulnerabilities, their implications, and the methodology used to exploit them.

Comments

Post a Comment

Popular posts from this blog

Debugging Perl

The standard Perl distribution comes with a debugger, although it's really just another Perl program, perl5db.pl. Since it is just a program, I can use it as the basis for writing my own debuggers to suit my needs, or I can use the interface perl5db.pl provides to configure its actions. That's just the beginning, though. read more...
Post a Comment
Read more

How To Set Up A Cisco Lab On Linux

After a quick search I found the wonderful Dynamips project that goes beyond what other simulators do by running actual Cisco IOS images, as well as the PEMU project which allows for running of Cisco PIX images. To integrate the various pieces of software... more .
Post a Comment
Read more