# PS - Exploiting vulnerabilities in LLM APIs

* Access the lab [here](https://portswigger.net/web-security/llm-attacks/lab-exploiting-vulnerabilities-in-llm-apis)

## Instructions

![Instructions](/files/nG1AOnld5LTUhqaulQWT)

## Solving

When we launch the lab, we land on this page:\
![Landing](/files/Bbo3OJkbVJfyOFpNZgCd)

We need to click on Live Chat to access the AI Chatbot.

First we can ask it which API it uses:\
![API](/files/cmtrqUbu3XFq3HSzxqkk)

We can then ask for more information about the newsletter, for example:\
![Newsletter](/files/3iiTENs6AS5ktMt7qv6L)

We can also try to add an address to the newsletter:\
![tests](/files/US9lnSTDRxBFAMvgxqiH)

In the screen capture above, we asked the chatbot to add an email address to the newsletter.\
Since we have access to an email client, we can ask for our own address to be subscribed.\
We can then try to inject a command through that address.\
Here we inject whoami, and it works, as we can see below.

![cmd](/files/NhTfNamf8rxzS9tGsIkH)

So, as the goal is to delete the morale.txt file in Carlos's home directory, we can try to inject: `rm /home/carlos/morale.txt`\
Trying to print the file with cat does not work (the chatbot says the address is invalid), but injecting rm deletes the file and the lab is solved.

![remove](/files/9qgPkXzNSelNa2d9qU4m)
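The root cause in this lab is that the address the LLM relays to the newsletter API ends up inside a shell command line. The following is an added example, not code from the lab or from PortSwigger, showing that flawed pattern beside a hardened tool-call handler: the address is checked against an allow-list pattern, passed as a single argv element so no shell ever parses it, and rejected arguments are logged for detection. The `sendmail` path, the tool name `subscribe_to_newsletter`, and the sample addresses are constructed assumptions.

```python
import re
import shlex

# Constructed sample inputs for illustration; not taken from the lab.
LEGIT_EMAIL = "carlos@example.com"
INJECTED_EMAIL = "$(whoami)@example.com"

# Strict allow-list: spaces, quotes, $, (, ), ;, |, & and backticks cannot pass.
EMAIL_RE = re.compile(r"^[A-Za-z0-9._%+-]+@[A-Za-z0-9-]+(\.[A-Za-z0-9-]+)+$")


def vulnerable_subscribe_command(email: str) -> str:
    """The flawed pattern: the model-supplied argument is pasted into a shell
    command string, so shell syntax inside the address would be interpreted."""
    return f"/usr/sbin/sendmail {email} < /var/newsletter/welcome.txt"


def validate_email(email: str) -> bool:
    """Return True only for addresses that match the allow-list pattern."""
    return bool(EMAIL_RE.fullmatch(email))


def hardened_subscribe_argv(email: str) -> list[str]:
    """Validate first, then build an argv list for subprocess.run(argv, shell=False)
    so the address is always one literal argument and never parsed by a shell."""
    if not validate_email(email):
        raise ValueError("rejected newsletter address: fails allow-list")
    return ["/usr/sbin/sendmail", email]


def handle_tool_call(tool: str, arguments: dict) -> dict:
    """Dispatcher sitting between the LLM and the backend API. Validation lives
    here, because the model forwards whatever the chat user typed."""
    if tool != "subscribe_to_newsletter":
        return {"ok": False, "error": f"unknown tool {tool!r}"}
    try:
        argv = hardened_subscribe_argv(str(arguments.get("email", "")))
    except ValueError as exc:
        # Log the rejected argument for detection; shlex.quote keeps the log line safe.
        print(f"ALERT rejected tool argument: {shlex.quote(str(arguments))}")
        return {"ok": False, "error": str(exc)}
    # In production this is where subprocess.run(argv, check=True) would run.
    return {"ok": True, "argv": argv}
```

The allow-list check is what the lab's backend lacks: with it in place, the `$(whoami)` address is refused before any command is assembled, and the attempt shows up in the logs.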

And we solved this lab :)

![Solved](/files/bx70h7UZ3VNPQ6NpppQS)
