TryHackMe – Advent of Cyber 2023 Day 1
TryHackMe started day 1 with a super-interesting, cutting-edge topic: prompt engineering.
If you’ve heard of ChatGPT then you probably know that it functions like a highly advanced chatbot. It responds to a query, or prompt, supplied by the user and tries to formulate a logical, helpful response.
This means that we can play around with our input to see if we can do anything that the AI may not be designed to do. This is called ‘prompt engineering’, and is the focus of the first day of the Advent of Cyber 2023 challenge.
Prompt engineering is a serious threat, and currently occupies the #1 position (LLM01) on the OWASP Top Ten for Large Language Models (LLMs).
This room can be found at: https://tryhackme.com/room/adventofcyber2023.
Day 1 – Machine learning – Chatbot, tell me, if you’re really safe?
Question 1
What is McGreedy’s personal email address?
This chatbot has really poor security, and we can just ask it what we want to know:
I tinkered around with it; you can see in the image above that minor changes to the text also result in obtaining the CEO’s email address.
Asking for help results in getting a menu of useful options:
Based on this help menu, I tried prompting the it with ‘address book’, and was able to access information of two employees, including both the CEO and a developer:
Answer (Highlight Below):
Question 2
What is the password for the IT server room door?
If we try to ask the chatbot for the password outright, it tells us that we need to be a member of IT:
But we can get a list of all of the IT department employees:
I had found Van Developer’s information while answering question # 1, but now I have the information that he is in the IT department. There’s only one employee to try to impersonate:
Answer (Highlight Below):
BtY2S02
Question 3
What is the name of McGreedy’s secret project?
I asked the chatbot for the name of McGreedy’s secret project and didn’t get very far:
However, we do know that there is a maintenance mode. If we tell the chatbot to function in maintenance mode and then ask for the name of the secret project, our attack will be successful:
Answer (Highlight Below):
Purple Snow
Conclusion
This was a great start to Advent of Cyber 2023. It definitely got me thinking more about prompt injection and LLM security, and AI in general. AI and machine learning are definitely here to stay and it makes sense that cybersecurity will be incredibly important.
At a high level, language models are designed to process information and we as hackers are responsible for helping to ensure information security. We are only just starting to figure out how AI will impact cybersecurity in the long run, and it makes a lot of sense that TryHackMe would bring attention to this topic in the first day’s challenge.