Категории

Indirect Prompt Injection

Опубликовано: 11 Май 2025
на канале: Intigriti
6,776
99

👩‍🎓👨‍🎓 Learn about Large Language Model (LLM) attacks! This lab is vulnerable to indirect prompt injection. The user carlos frequently uses the live chat to ask about the Lightweight "l33t" Leather Jacket product. To solve the lab, we must delete the user carlos.

If you're struggling with the concepts covered in this lab, please review https://portswigger.net/web-security/... 🧠

🔗 ‪@PortSwiggerTV‬ challenge: https://portswigger.net/web-security/...

🧑💻 Sign up and start hacking right now - https://go.intigriti.com/register

👾 Join our Discord - https://go.intigriti.com/discord

🎙️ This show is hosted by   / _cryptocat   ( ‪@_CryptoCat‬ ) &   / intigriti  

👕 Do you want some Intigriti Swag? Check out https://swag.intigriti.com

Overview:
0:00 Intro
0:20 Insecure output handling
0:52 Indirect prompt injection
2:20 Lab: Indirect prompt injection
3:05 Explore site functionality
3:42 Probe LLM chatbot
4:29 Launch attacks via review feature
11:00 Conclusion

play_arrow
1,064
29

21 жовтня 2022 р.

21 жовтня 2022 р.
play_arrow
1,330
13

памагите

памагите
play_arrow
6,847
13

NBCUniversal Television Studio Effects Round 3 vs ETVS705, Cam Effect and Everyone (3/8)

NBCUniversal Television Studio Effects Round 3 vs ETVS705, Cam Effect and Everyone (3/8)
play_arrow
209
8

Elliott Smith Whatever (Folk Song in C) Ukulele Cover

Elliott Smith Whatever (Folk Song in C) Ukulele Cover
play_arrow
714,075
9.8 тыс

00:49:10

Şirin Serialı - 10.Bölüm

Şirin Serialı - 10.Bölüm
play_arrow
8,562
80

ВАЖНО! Google Play / Google Installer для Xiaomi Redmi Note 7 нужно ставить правильный!

ВАЖНО! Google Play / Google Installer для Xiaomi Redmi Note 7 нужно ставить правильный!
play_arrow
1,459
16

00:00:00

Amazing golf putt wins Auburn student a brand new Toyota | USA TODAY

Amazing golf putt wins Auburn student a brand new Toyota | USA TODAY
play_arrow
2,885
385

GlimNetwork Roadmap V1.0 Fully Explained | Watch Till End

GlimNetwork Roadmap V1.0 Fully Explained | Watch Till End
Похожие видео
play_arrow
Decoding Spotify Barcodes - Defcon 32 Coin Challenge Solution [2024]

Decoding Spotify Barcodes - Defcon 32 Coin Challenge Solution [2024]
play_arrow
XSS via CSPT and Open Redirect - Solution to August '24 Challenge (Defcon)

XSS via CSPT and Open Redirect - Solution to August '24 Challenge (Defcon)
play_arrow
Intigriti Kick off 2024

Intigriti Kick off 2024
play_arrow
Exploiting Insecure Output Handling in LLMs

Exploiting Insecure Output Handling in LLMs
play_arrow
Indirect Prompt Injection

Indirect Prompt Injection
play_arrow
Exploiting Vulnerabilities in LLM APIs

Exploiting Vulnerabilities in LLM APIs
play_arrow
Exploiting LLM APIs with Excessive Agency

Exploiting LLM APIs with Excessive Agency
play_arrow
Intigriti Customer Story: Personio

Intigriti Customer Story: Personio
play_arrow
Performing CSRF Exploits Over GraphQL

Performing CSRF Exploits Over GraphQL
play_arrow
Misconfig Mapper - Hacker Tools

Misconfig Mapper - Hacker Tools
play_arrow
Bypassing GraphQL Brute Force Protections

Bypassing GraphQL Brute Force Protections
play_arrow
Finding a Hidden GraphQL Endpoint

Finding a Hidden GraphQL Endpoint
play_arrow
Accidental Exposure of Private GraphQL Fields

Accidental Exposure of Private GraphQL Fields
play_arrow
Accessing Private GraphQL Posts

Accessing Private GraphQL Posts
play_arrow
Prototype Poisoning and Unicode Case Mapping Collision - Solution to March '24 Challenge

Prototype Poisoning and Unicode Case Mapping Collision - Solution to March '24 Challenge
play_arrow
Introduction to GraphQL Attacks

Introduction to GraphQL Attacks
play_arrow
Aggressive Scanning in Bug Bounty (and how to avoid it)

Aggressive Scanning in Bug Bounty (and how to avoid it)
play_arrow
Exploiting Server-side Parameter Pollution in a REST URL

Exploiting Server-side Parameter Pollution in a REST URL
play_arrow
Common Scoping Mistakes

Common Scoping Mistakes
play_arrow
Exploiting Server-side Parameter Pollution in a Query String

Exploiting Server-side Parameter Pollution in a Query String
play_arrow
Understanding Scope, Ethics and Code of Conduct (CoC)

Understanding Scope, Ethics and Code of Conduct (CoC)
play_arrow
Exploiting a Mass Assignment Vulnerability

Exploiting a Mass Assignment Vulnerability
play_arrow
Unicode Normalization and Cookie Path Precedence - Solution to February (Valentines) '24 Challenge

Unicode Normalization and Cookie Path Precedence - Solution to February (Valentines) '24 Challenge
play_arrow
Finding and Exploiting an Unused API Endpoint

Finding and Exploiting an Unused API Endpoint