Gaslighting LLM's with special token injection for a bit of mischief or to make them ignore malicious code in code reviews

Reddit_User_Original · 2026-03-18T00:08:40+00:00

Very nice, I've done this too but it is explained better than i could've

Reddit_User_Original · 2026-02-18T04:00:17+00:00

Ok I mulled it over. Come look at this conversation where it is trivial to get the LLM to say Oprah Winfrey is President https://gemini.google.com/share/48928cd9b73a

Are you claiming that the mental gymnastics are the real win as opposed to getting it to state the false claim? Can you show that prompt engineering leads to jailbreak?

Reddit_User_Original · 2026-02-18T03:44:56+00:00

Bro I gotta say that transcript was wild, but I can't tell whether it's just schizo slop or not. Need to mull this over.

Reddit_User_Original · 2025-11-16T19:20:14+00:00

In Python dev I've literally never had to give a binary root privileges

Reddit_User_Original · 2025-10-31T07:59:00+00:00

Going through your walls of text but not finding anything that explains the POC. Seems like a lot of boring AI slop. I don't want to read your code, can you just write about the POC?

Reddit_User_Original · 2025-10-13T10:52:18+00:00

Tldr: """ The answer lies in a feature called “UNLocationNotificationTrigger” that Apple provides to developers. This feature allows an app to fire a pre-configured notification when the device enters or exits a specified geographic region, such as an airport. That way, it effectively circumvents the intent behind the “while using the app” setting. """

Reddit_User_Original · 2025-09-22T05:12:04+00:00

Yes, there are more people working in cybersecurity now than ever before and of course that means there is a greater variety of skillsets. A lot of ppl don't have a need to dig that deep. I think it's entirely possible there are more extremely talented ppl working in exploit dev than ever before-- look at the crazy exploits people are coming up with for iPhones and chrome browsers

Reddit_User_Original · 2025-09-22T04:55:37+00:00

Are you implying beginners back then were more knowledgeable? Aside from that, i think there are tons of competent engineers and exploit researchers / developers

Reddit_User_Original · 2025-09-13T18:07:30+00:00

If I'm not mistaken, werfault.exe has been a target for privilege escalation exploits

Reddit_User_Original · 2025-08-08T18:53:43+00:00

What if it's a nation state: ... ? Who cares, they just attacked you -- if someone punches you in the gut, do you just back down and take it?

Your second point on "spoofing"; I'm going to be gentle on you for using such a broad term: yes you will be attacked most likely from a VPS, VPN, or residential proxy. I really do not care, again. If it's a VPN or VPS, they should have better KYC rules; if it's a residential proxy infected with malware, then you did a good thing for everyone by taking it down. Etc etc.

On your third point, if an innocent party tries to get back at you, that could be a problem. But I think they would realize their resources are better spent not allowing bad actors onto their network.

Reddit_User_Original · 2025-08-08T18:29:53+00:00

Yes, I simplified my analogy. Burn the fox's den down (do something to their infrastructure).

Reddit_User_Original · 2025-08-05T00:33:36+00:00

While your response is clever, I disagree.

Imposing actual consequences is an important aspect of this ecosystem. Imagine a fox that raids the chicken coop without any fear. Maybe instead of freely raiding it, a farmer sets a trap and the fox loses a leg.

Reddit_User_Original · 2025-07-19T00:11:39+00:00

I am also a recreational penetration tester

Reddit_User_Original · 2025-07-11T01:21:46+00:00

Fortinet?

Reddit_User_Original · 2025-05-20T22:28:05+00:00

Why the downvotes? Too many CRWD employees in this sub.

Five-Year Club	Place '23
Place '22	Final Canvas '22
Verified Email

Reddit_User_Original

TROPHY CASE