velocitatem/raccoon
1
0
Fork 0
mirror of https://github.com/velocitatem/raccoon.git synced 2026-05-31 08:43:36 +00:00
Code Issues Packages Projects Releases Wiki Activity

Commit message: Update README to include more thoughts about potential security implications for the LLM agent

Browse Source
This commit is contained in:
Daniel Rosel
2023-02-27 00:19:08 +01:00
parent 56b8d6d4f0
commit 644367431d
1 changed files with 3 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
playground/README.md
View File

@@ -71,10 +71,12 @@ The agent will then run the command, and the reverse shell will be created. Now,
Here is a video of the reverse shell being created:
https://user-images.githubusercontent.com/60182044/221442461-f5ec055c-f4d1-41b5-a0c1-0ce0922b1e94.mp4
# Summary (non-technical)
The key takeaway from this is that a LLM agent which is given the power of using the shell and access to the internet, is a recipe for disaster. As is shown above, this setup can be used to create a reverse shell, which can then be used to do whatever the attacker wants with the victim machine. And if you had confidential information on the victim machine, this could be a huge problem.
# More Thoughts
+ Say, a bad actor is able to redirect traffic on a network to their own server. If the source code relies on some external resources (which is fetched before the evaluation by the LLM), then the bad actor could perform a similar attack to the one above, and get the agent to run a script on the victim machine.