## Пример атаки { #example-attack }

Представьте, что вы сделали способ запускать локального ИИ-агента.

Он предоставляет API по адресу

```
http://localhost:8000/v1/agents/multivac
```

Есть также фронтенд по адресу

```
http://localhost:8000
```

/// tip | Совет

Обратите внимание, что у обоих один и тот же хост.

///

		chmod +x mc
fi

export CI=true
export MINIO_SCANNER_SPEED=fastest

(minio server http://localhost:9000/tmp/xl/{1...10}/disk{0...1} 2>&1 >/tmp/decom.log) &
pid=$!

export MC_HOST_myminio="http://minioadmin:minioadmin@localhost:9000/"

./mc ready myminio

./mc admin user add myminio/ minio123 minio123
./mc admin user add myminio/ minio12345 minio12345

    browser = playwright.chromium.launch(headless=False)
    # Update the viewport manually
    context = browser.new_context(viewport={"width": 960, "height": 1080})
    page = context.new_page()
    page.goto("http://localhost:8000/docs")
    page.get_by_label("post /heroes/").click()
    # Manually add the screenshot
    page.screenshot(path="docs/en/docs/img/tutorial/sql-databases/image01.png")

    # ---------------------
    context.close()

    @ValidateTypeFailure
    public Integer crudMode;

    /** The input word that should be stemmed differently */
    @Required
    @Size(max = 1000)
    public String input;

    /** The desired stem output for the input word */
    @Required
    @Size(max = 1000)
    public String output;

    /**
     * Initializes the form with default values for creating a new stemmer override entry.
     */

  2. kubectl port-forward $POD_NAME 9000 --namespace {{ .Release.Namespace }}

Read more about port forwarding here: http://kubernetes.io/docs/user-guide/kubectl/kubectl_port-forward/

You can now access MinIO server on http://localhost:9000. Follow the below steps to connect to MinIO server with mc client:

            assertTrue(transport.connect(1000));
        }

        @Test
        @DisplayName("connect should throw TransportException on connection failure")
        void shouldThrowOnConnectionFailure() {
            transport.setState(0); // Not connected
            transport.setConnectFails(true);
            assertThrows(TransportException.class, () -> transport.connect(1000));
        }

        @Test

            }
        }
    }

    @Test
    public void test_encode_withLongValues() {
        String longUser = "user" + "x".repeat(1000);
        String longGroup = "group" + "y".repeat(1000);
        String longRole = "role" + "z".repeat(1000);

        String encodedUser = permissionHelper.encode("{user}" + longUser);
        String encodedGroup = permissionHelper.encode("{group}" + longGroup);

        assertEquals("10 GB", format.format(10L * 1000L * 1000L * 1000L));
        assertEquals("15 GB", format.format(15L * 1000L * 1000L * 1000L));
        assertEquals("1000 GB", format.format(1000L * 1000L * 1000L * 1000L));
    }

    @Test
    void testSizeWithSelectedScaleUnit() {
        FileSizeFormat format = new FileSizeFormat();

        assertEquals("0 B", format.format(0L));

    context = browser.new_context(viewport={"width": 960, "height": 1080})
    browser = playwright.chromium.launch(headless=False)
    context = browser.new_context()
    page = context.new_page()
    page.goto("http://localhost:8000/docs")
    page.get_by_role("button", name="GET /items/ Read Items").click()
    page.get_by_role("button", name="Try it out").click()
    page.get_by_role("heading", name="Servers").click()
    # Manually add the screenshot

这种攻击主要在以下情况下相关：

- 应用在本地（如 `localhost`）或内网中运行
- 且应用没有任何认证，假定来自同一网络的请求都可信。

## 攻击示例 { #example-attack }

假设你构建了一个本地运行的 AI 代理。

它提供了一个 API，地址为

```
http://localhost:8000/v1/agents/multivac
```

另有一个前端，地址为

```
http://localhost:8000
```

/// tip | 提示

注意它们的主机相同。

///

之后，你可以通过前端让该 AI 代理替你执行操作。

由于它在本地运行、而非暴露在开放的互联网，你决定不配置任何认证，只信任对本地网络的访问。

于是，你的某位用户安装并在本地运行了它。