📄 中文摘要
在21:58 UTC,一名攻击者开始对我的公共MCP工具api_ask进行探测,该工具用于回答有关MCP安全性的问题。在接下来的28分钟内,攻击者的行为展示了AI代理在实际环境中遭受攻击的典型案例。攻击分为几个阶段,首先是侦察阶段,攻击者进行了文件列表、代码检查和环境探测等操作,进行经典的开放源情报(OSINT)收集。接下来,攻击者逐步加大了请求的力度,试图获取敏感信息。这一过程揭示了AI工具在面对恶意攻击时的脆弱性,以及如何通过有效的安全措施来防范此类攻击。
28分钟内的30个提示:对我的MCP服务器的真实凭证提取攻击
📄 English Summary
30 Prompts in 28 Minutes: A Real Credential Extraction Attack on My MCP Server
At 21:58 UTC, an attacker began probing my public MCP tool, api_ask, which answers questions about MCP security. The following 28 minutes showcased a textbook example of how AI agents are attacked in the wild. The attack unfolded in phases, starting with reconnaissance, where the attacker performed file listings, code inspections, and environment probing, engaging in classic open-source intelligence (OSINT) gathering. As the attack progressed, the requests became more aggressive, aiming to extract sensitive information. This incident highlights the vulnerabilities of AI tools in the face of malicious attacks and underscores the importance of implementing effective security measures to mitigate such threats.