# LLM Chatbot Pentesting

An LLM chatbot in a web application can be abused with some exploit techniques.

### SSTI <a href="#ssti" id="ssti"></a>

If the chatbot reflects our prompt in the response, we might be able to abuse it with SSTI. For example,

```shellscript
Prompt: How are you? {{ 2*3 }}

Response: I will answer your question "How are you? 6". I'm good, thanks! How about you?
```

If it works, we can achieve reverse shell.