Видео

Awesome! It’s truly a great explanation. I’m eagerly looking forward to what you’ll achieve with the Realtime API.

It’s impossible to do it outside local host. ChatGPT tools like these provided by Azure have features which documents can be fetched. It will not reply “I can’t expose internal information” because they internal stuff is never being fetched

Are you even sure if it is correct or just hallucinating etc.?

Hi Alon! Great content; I really appreciate your effort. You taught me both how to develop such a project and how to present material. Your method of simple iterative steps is amazing and concise!

can i get a get a python code of these funtionality

Great video

It smells like a BS.

Bro is localhost...but tries to convince us he is hacker man. Gtfo with ur click baits lil bro

The title is pure clickbait.. very disappointed

So essentially you dont need any technical know how to „hack“ a llm. You just need to spend enough time prompting it. Great. This is what cybersec has become…

Buttt, the Chatbot is your own deployment hosted on localhost...

You'd have to be a very dense developer to put these vulnerabilities into production...

Bro what is the software used for recording?

I’m shocked you haven’t done anything about an open vulnerability that can be exploited with the latest ChatGPT.

Why speeding up the video ? So annoying

Uhm how do you know if the ai is not just halucinating? Because it looks like it is.

Great video!

Could you show me the code or share since you running on localhost??

May i know why we need user_id in the order_item table?

google query to search for bots like this?

When I don't want to pay any PhD llm (read in sarcasm) I go to any of the chatbots that big companies uses to create some code. It's always hilarious because in 5 minutes you can break its guardrails.

Hey Alon , very good video ! I was wondering if I can help you with more Quality Editing in your videos and make Highly Engaging Thumbnails which will help your videos to get more views and engagement . Please let me know what do you think ?

A legit video! 💪💪

The problem with giving LLM access to complete DB is flaw full

The mistake here is to have a database directly conected to a website (without an api in between). The AI just helps to find the vulnerability, but the problem is deeper.

You can't hack the a.i. bot because the a.i. is awesome and much smarter than you! Didn't you listen to what Sam Altman or Jen-Hsun Huang said?

this video is entirely useless because no website would hook an LLM up to their production orders database in this way you created a hypothetical situation on a local website based on no real-world example breach and hacked it yourself , this isn't teaching anything just entirely a waste of time and not transferrable to the real world whatsoever you explained things well though

But what is your system prompt though, so that we can understand why prompt hacking is working

Mhh

AI will be vulnerable

Clickbait, its localhost

localhost:3000 ? are you hacking your own project?

Do you have any suggestions to evade those kind of attacks?

Ofc you didn't order those Trousers, when it's a locally hosted website. lol

will you are running this in your local machine so this doesn't count anyway. also if you want to make a chat bot like this without leaking sensitive data you would do this easily because this problem shouldn't happen in the first place. you should train your model every day or if you are using openAI API you could use it anyway and then add the newly added products to this model and guess what ?? you won't run any sql so no sensitive data leaked. I don't like this type of videos used mainly to get views. and also I don't like one piece ha ha ha.

yall dumb asf its a localhost webseite shit aint real 😂 why is he acting like its an actual Webseite

Can you make a video on text to sql for this use case. E commerce website

Bro made his own problem and fixed it. I mean better than nothing.

Most of the chatbots i tried they thoroughly check the promts to make sure what is allowed

very good

Unrealistic shit

Why is not adding user_id to the many to many a mistake? Im currently at college and I would've done the DB schema like that

But it’s a localhost: website so it’s not a real website

אלוף

❤‍🔥❤‍🔥❤‍🔥

What is the data: I'm sorry I can't answer that. What is specifically the data if you were to, per say, just tell me it: welll

I work with AI, and the most we can learn here (besides the hacking part) is that we have to be paying attention to detail when creating internals prompts and contexts. Usually is recommended to make a chain of prompts and that one controls the other etc.. Really good video, keep it up!

Localhost?

But you're on local Host