PS - Exploiting vulnerabilities in LLM APIs

Access the lab here

Instructions

Solving

When we launch the lab we get on this page:

We need to click on Live Chat to access the AI Chatbot.

First we can ask it which API it uses:

Now we could ask more info about the newsletter for example:

We can also try to add an address to the newsletter:

In the above screen capture, we asked the newsletter to add an email address. As we have access to an email client we can ask to be added. And then we can try to inject a command. Here we inject whoami and it works as we can see below.

So as the goal is to delete a specific morale.txt file in Carlo's home directory we can try to inject: rm /home/carlos/morale.txt If we try to print the file with cat it won't work because it says the address is invalid, however if we rm the file the lab is solved

And we solved this lab :)

PreviousPS - Exploiting LLM APIs with excessive agency NextPS - Indirect prompt injection

Last updated 12 days ago