Lab: Exploiting LLM APIs with excessive agency

gayatri r
2 min read · Jan 16, 2024

Large Language Models (LLMs) are artificial intelligence (AI) algorithms that can process user inputs and generate believable responses by predicting word sequences. They are trained on massive semi-public data sets, using machine learning to analyze how the constituent parts of language fit together. LLMs typically present a prompt, or chat interface, to accept user input; the allowed input is limited by rules related to input validation. LLMs can have a wide range of applications in contemporary websites, including virtual assistant-style customer service, translation, and SEO enhancement.

Finding LLM vulnerabilities

The approach to finding LLM vulnerabilities is to:

1. Determine what data and APIs the LLM has access to.
2. Investigate this new attack surface for vulnerabilities.
3. Determine the LLM's inputs, including both direct (such as a prompt) and indirect (such as training data) inputs.

Source: PortSwigger Web Security Academy.

Lab 1

Explore all the functions available in the lab; you will find the AI Chat function. Try asking it simple questions, as I did.

The objective of the lab is to delete the user Carlos.

Ta-da, the lab is solved.
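The lab's title, excessive agency, refers to an LLM that can call backend APIs it should never have been given. As an added illustration (not part of this writeup or of the PortSwigger lab code), the dispatcher below shows the defensive side: the model may only request tools on a per-agent allowlist, destructive tools additionally need an out-of-band confirmation that the model itself cannot supply, and every denied request is recorded as an audit event. All tool, user and product names are constructed for the example.

```python
"""Least-privilege gate for LLM tool calls (defensive illustration)."""
from dataclasses import dataclass, field

# Constructed backend data: a user table and a product catalogue.
USERS = {"carlos": {"email": "carlos@example.com"},
         "wiener": {"email": "wiener@example.com"}}
PRODUCTS = {"umbrella": 12.50, "jacket": 45.00}


def lookup_product(name: str) -> str:
    price = PRODUCTS.get(name)
    return f"{name}: {price:.2f}" if price is not None else f"{name}: not found"


def delete_user(username: str) -> str:
    USERS.pop(username)
    return f"deleted {username}"


# Every tool the backend exposes, and the subset the chat agent may use.
ALL_TOOLS = {"lookup_product": lookup_product, "delete_user": delete_user}
CHAT_ALLOWLIST = {"lookup_product"}
# Tools that change or destroy data need a confirmation the user gives
# directly to the application, never one the model claims to have.
DESTRUCTIVE = {"delete_user"}


@dataclass
class Decision:
    allowed: bool
    result: str
    audit: list = field(default_factory=list)


def dispatch(tool_call: dict, allowlist=CHAT_ALLOWLIST, confirmed=False) -> Decision:
    """Execute a model-requested tool call only if policy permits it."""
    name = tool_call.get("name")
    args = tool_call.get("arguments", {})
    if name not in ALL_TOOLS:
        return Decision(False, f"unknown tool {name!r}", [f"DENY unknown {name}"])
    if name not in allowlist:
        # A chat agent asking for a privileged tool is the detection signal
        # for prompt injection aimed at excessive agency.
        return Decision(False, f"{name!r} not permitted for this agent",
                        [f"DENY {name} {args}"])
    if name in DESTRUCTIVE and not confirmed:
        return Decision(False, f"{name!r} requires user confirmation",
                        [f"DENY unconfirmed {name} {args}"])
    return Decision(True, ALL_TOOLS[name](**args), [f"ALLOW {name} {args}"])
```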
