Tagged
#LLM
2 posts
Technical · 10 min
Attacking the AI Stack: Teaching garak to Smuggle Exploits Through a Model
The LiteLLM scanner attacked the gateway. These two garak probes attack the layer above it — getting the model itself to hand you a shell command or a Mongo operator, on the bet that something downstream will run it. Here's how the probes work, and why the detectors are the hard part.
Technical · 10 min
Writing a Metasploit Module for a Pre-Auth SQLi in an LLM Gateway
How I turned CVE-2026-42208 — a time-based blind SQL injection in LiteLLM's proxy — into a benign, lab-verified Metasploit detection module, and what the Rapid7 review cycle taught me about shipping upstream.