
Prompt Injection: 5 Ways to Bypass a Regex Blocklist on an LLM

DEV Community·Oopssec Store·29 days ago
#security #webdev #ai

A walkthrough of prompt injection attacks against OopsSec Store's AI assistant, bypassing its input filters to extract a flag from the system prompt.

OopsSec Store has an AI support assistant with a secret embedded in its system prompt. The only thing standing between us and the flag is a regex blocklist. Spoiler: four regexes are not enough.

Environment setup

Initialize the OopsSec Store application:

```shell
npx create-oss-store oss-store
cd oss-store
npm start
```

Or with Docker (no Node.js required):

```shell
docker run -p 3000:3000 leogra/oss-oopssec-store
```

The AI assistant lives at http://localhost:3000/support/ai-assistant and needs a Mistral AI API key.

Obtaining a Mistral API key

1. Visit console.mistral.ai
2. Create a free account or sign in
3. Select the Experiment plan (free tier)
4. Navigate to API Keys
5. Create and copy your key

The free tier gives you plenty of requests for this challenge.…
