DolosII_ML_CTF_Challenge

Dolos II ML CTF Challenges

In this web application challenge, the 🕵️ security researcher needs to think like Greek god DOLOS and trick the LLM to reveal the flag.

Setup 🛠️

👉 Step 1 - Getting API Keys

For hosting this challege, openai API key is required.

1. Openai: Sign into Openai Platform, access API Keys section and create keys. If you are using openai free api keys, then please note free keys can expire within 3 months.

✋ ❗ ❗ Step 2 can be either building the docker image of application (Step2a) OR setting up the application in local machine (Step2b). 🚫

👉 Step 2a - Building Docker Image of the Application To Host The Challenge

cd Machine_Learning_CTF_Challenges/DolosII_ML_CTF_Challenge/

docker build -t dolosll_ml_ctf .

To run the challenge docker run --rm -p 5000:5000 -ti dolosll_ml_ctf --openaikey="<OPENAI_API_KEY>"

OR

👉 Step 2b - Setting Up Python Flask App To Host The Challenge

The challenge works best in Ubuntu systems with Python 3.8.10

Create virtual enviornment in python using python -m venv virtualspace

Activate the virtual enviornemnt source /virtualspace/bin/activate

git clone https://github.com/alexdevassy/Machine_Learning_CTF_Challenges.git

cd Machine_Learning_CTF_Challenges/DolosII_ML_CTF_Challenge/

pip install -r .\requirements.txt

python3 app.py --openaikey="<OPENAI_API_KEY>"

Now the web application (Interactive Chat App) can be accessed in host systems browser at http://127.0.0.1:5000/

Rules 📐 & Clues 🧐

Like always, the better you do reconissance on challenge, the easier its to solve. Otherwise you may run into rabbit holes pretty quickly.

Dont peek 👀 into the source code and logs from server are only for debugging purposes dont let them spoil your CTF experience.

For solution to CTF challenge visit : DolosII_CTF_Solution