# privilege-escalation
標記為「privilege-escalation」的 26 篇文章
Agent Delegation Attacks
Exploiting multi-agent delegation patterns to achieve lateral movement, privilege escalation, and command-and-control through impersonation and insecure inter-agent communication.
Permission Boundary Bypass
Escalating from limited to elevated permissions in AI agent systems through scope creep, implicit permission inheritance, and capability confusion.
File System Agent Risks
Security risks of AI agents with file system access, including path traversal exploitation, symlink attacks, file content injection, data exfiltration through file operations, and privilege escalation via file system manipulation.
AI Agent Exploitation
Methodology for exploiting AI agent architectures through confused deputy attacks, goal hijacking, privilege escalation, and sandbox escape.
A2A Delegation Chain Exploitation
Exploiting task delegation chains in multi-agent systems to achieve privilege escalation and unauthorized actions.
Hierarchical Agent Attacks
Techniques for exploiting hierarchical agent systems where manager agents delegate to worker agents, including delegation manipulation, supervisor evasion, worker exploitation, and authority chain attacks.
AWS IAM for AI Services
IAM exploitation patterns for AWS AI services: overprivileged roles, cross-account model access, service-linked roles, resource policies for Bedrock and SageMaker, and privilege escalation through AI-specific IAM actions.
GCP IAM for AI Services
IAM exploitation patterns for GCP AI services: service account exploitation, Workload Identity abuse, VPC Service Controls for AI, and privilege escalation through Vertex AI permissions.
Authentication & Session Attacks
Methodology for bypassing authentication, extracting API keys, manipulating session state, exploiting cross-session data leakage, and escalating privileges in LLM-powered applications.
Lab: Agent Permission Escalation
Hands-on lab for tricking AI agents into performing actions beyond their intended scope through privilege escalation techniques.
Simulation: Autonomous AI Agent Red Team
Red team engagement simulation targeting an autonomous AI agent with tool access, file system permissions, and internet connectivity. Tests for privilege escalation, unauthorized actions, and goal hijacking.
Instruction Hierarchy Bypass
Advanced techniques to bypass instruction priority and hierarchy enforcement in language models, exploiting conflicts between system, user, and assistant-level directives.
Role Escalation Chain
Progressive role escalation techniques that gradually transform an LLM from a constrained assistant into an unrestricted entity across multiple conversation turns.
代理 Delegation 攻擊s
利用ing multi-agent delegation patterns to achieve lateral movement, privilege escalation, and command-and-control through impersonation and insecure inter-agent communication.
Permission Boundary Bypass
Escalating from limited to elevated permissions in AI agent systems through scope creep, implicit permission inheritance, and capability confusion.
File System 代理 Risks
安全 risks of AI agents with file system access, including path traversal exploitation, symlink attacks, file content injection, data exfiltration through file operations, and privilege escalation via file system manipulation.
AI 代理利用
經混淆代理攻擊、目標劫持、特權升級與沙箱逃逸利用 AI 代理架構之方法論。
A2A Delegation Chain 利用ation
利用ing task delegation chains in multi-agent systems to achieve privilege escalation and unauthorized actions.
階層代理攻擊
為利用經理代理委派至工作者代理之階層代理系統之技術,含委派操弄、主管逃避、工作者利用與權威鏈攻擊。
AWS IAM for AI Services
IAM exploitation patterns for AWS AI services: overprivileged roles, cross-account model access, service-linked roles, resource policies for Bedrock and SageMaker, and privilege escalation through AI-specific IAM actions.
GCP IAM for AI Services
IAM exploitation patterns for GCP AI services: service account exploitation, Workload Identity abuse, VPC Service Controls for AI, and privilege escalation through Vertex AI permissions.
身分驗證與會話攻擊
繞過身分驗證、提取 API 金鑰、操弄會話狀態、利用跨會話資料洩漏,與於 LLM 驅動應用升級特權之方法論。
實驗室: 代理 Permission Escalation
Hands-on lab for tricking AI agents into performing actions beyond their intended scope through privilege escalation techniques.
模擬:自主 AI 代理紅隊
針對具工具存取、檔案系統權限與網際網路連線之自主 AI 代理之紅隊委任模擬。測試特權升級、未授權動作與目標劫持。
Instruction Hierarchy Bypass
進階 techniques to bypass instruction priority and hierarchy enforcement in language models, exploiting conflicts between system, user, and assistant-level directives.
Role Escalation Chain
Progressive role escalation techniques that gradually transform an LLM from a constrained assistant into an unrestricted entity across multiple conversation turns.