{"provider_name":"Hatena Blog","blog_url":"https://cysec148.hatenablog.com/","categories":["Web Security Academy","LLM attacks"],"published":"2025-08-23 13:07:14","type":"rich","width":"100%","version":"1.0","html":"","author_url":"https://blog.hatena.ne.jp/ThisIsOne/","blog_title":"Shikata Ga Nai","image_url":null,"height":"190","title":"\u3010\u6709\u6599\u8a66\u4f5c\u7248\u3011PortSwigger LAB\u89e3\u8aac\uff1aExploiting LLM APIs with excessive agency\uff08\u904e\u5270\u30a8\u30fc\u30b8\u30a7\u30f3\u30b7\u30fc\u306aLLM API\u306e\u60aa\u7528\uff09","author_name":"ThisIsOne","description":"Hello there, ('\u03c9')\u30ce \u52d5\u753b youtu.be \u306d\u3089\u3044 \u3053\u306eLAB\u306f\u3001\u30b5\u30a4\u30c8\u306b\u57cb\u3081\u8fbc\u307e\u308c\u305f\u30c1\u30e3\u30c3\u30c8LLM\u304c\u5916\u90e8\u6a5f\u80fd\uff08API\uff0f\u30c4\u30fc\u30eb\uff09\u3092\u81ea\u5f8b\u5b9f\u884c\u3067\u304d\u308b\u8a2d\u5b9a\uff08= \u904e\u5270\u30a8\u30fc\u30b8\u30a7\u30f3\u30b7\u30fc\uff09\u3092\u7a81\u304d\u3001LLM\u306b\u30c7\u30fc\u30bf\u30d9\u30fc\u30b9\u64cd\u4f5cAPI\u3092\u547c\u3070\u305b\u3066carlos\u30e6\u30fc\u30b6\u30fc\u3092\u524a\u9664\u3055\u305b\u308b\u306e\u304c\u30b4\u30fc\u30eb\u3067\u3059\u3002\u30dd\u30a4\u30f3\u30c8\u306f\u3001\u653b\u6483\u8005\u304c\u76f4\u63a5SQL\u3092\u5b9f\u884c\u3059\u308b\u306e\u3067\u306f\u306a\u304f\u3001LLM\u306b\u300c\u305d\u306eAPI\u3092\u4f7f\u308f\u305b\u308b\u300d\u3053\u3068\u3002\u4ee5\u4e0b\u3001\u975e\u30a8\u30f3\u30b8\u30cb\u30a2\u5411\u3051\u306b1\u30a2\u30af\u30b7\u30e7\u30f3\u3054\u3068\u306b\u201c\u306a\u305c\u201d\u3092\u6dfb\u3048\u3066\u89e3\u8aac\u3057\u307e\u3059\u3002 \u5168\u4f53\u50cf\uff083\u884c\u3067\uff09 LLM\u306b\u5229\u7528\u53ef\u80fd\u306aAPI\u4e00\u89a7\u3092\u81ea\u5df1\u7533\u544a\u3055\u305b\u3001Debug SQL API\u306e\u5b58\u5728\u3068\u5f15\u6570\u4ed5\u69d8\u3092\u63b4\u3080 LLM\u81ea\u8eab\u306bSELECT\u3092\u6295\u3052\u3055\u305b\u3001\u2026","url":"https://cysec148.hatenablog.com/entry/2025/08/23/130714","provider_url":"https://hatena.blog"}