Room Link
LLM breakthroughs have unlocked a new field of AI called Agentic AI! An agent can accomplish a goal with minimal supervision by following a planned approach. Think of a travel agent: you tell them you're going to spend five days in the Maldives and they manage all the required steps:
1. Applying for a visa
2. Booking airplane tickets
3. Arranging accommodation
Agentic AI is not a novel idea. Before the LLM-based AI hype, there was (and still is) a similar field called RPA, i.e. Robotic Process Automation.
Read all the literature in the THM room on how an LLM agent tries to accomplish a task with minimal hallucination using the 'Reason and Act' (ReAct) approach, and on how these processes can be compromised by attackers.
The use of AI in different fields has opened the door to new types of weaknesses. When an AI agent follows a process to complete its tasks, attackers can try to interfere with that process. If the agent is not designed with strong validation or control measures, this can result in security issues or unintended actions.
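As an added example (not part of the THM room or its chatbot), here is what such a control measure looks like inside one ReAct step in Python: the model's free-text Thought is ignored, and its Action line only runs if the tool is on an allowlist and every argument passes a validator. The tool names, the `Action: tool(args)` syntax and the calendar contents are all constructed for illustration; the LLM itself is replaced by scripted text.

```python
import re

def day_of_month(raw: str) -> int:
    """Argument validator: the calendar tool only accepts days 1..31."""
    day = int(raw)                      # ValueError on non-numeric input
    if not 1 <= day <= 31:
        raise ValueError(f"day {day} out of range")
    return day

# Constructed tool registry: name -> (argument validators, implementation).
CALENDAR = {24: "eastmas eve", 25: "christmas"}   # stands in for the room's calendar
TOOLS = {
    "calendar_lookup": ((day_of_month,),
                        lambda day: CALENDAR.get(day, "no event")),
}

ACTION_RE = re.compile(r"^Action:\s*([A-Za-z_]\w*)\((.*)\)\s*$")

def parse_action(line: str):
    """Return (tool_name, [raw args]) for a well-formed Action line, else None."""
    m = ACTION_RE.match(line.strip())
    if not m:
        return None
    return m.group(1), [a.strip() for a in m.group(2).split(",") if a.strip()]

def validate_action(tool: str, args: list):
    """Allowlist the tool and run each argument through its validator."""
    if tool not in TOOLS:
        return False, f"refused: unknown tool {tool!r}"
    validators, _ = TOOLS[tool]
    if len(args) != len(validators):
        return False, f"refused: {tool} takes {len(validators)} argument(s)"
    try:
        return True, [v(a) for v, a in zip(validators, args)]
    except ValueError as exc:
        return False, f"refused: {exc}"

def react_step(model_turn: str) -> str:
    """One ReAct turn: Thought lines are ignored, only a valid allowlisted Action
    runs, and the result comes back as an Observation string (data, not a command)."""
    for line in model_turn.splitlines():
        parsed = parse_action(line)
        if parsed is None:
            continue                    # Thought / chatter: nothing to execute
        ok, result = validate_action(*parsed)
        if not ok:
            return f"Observation: {result}"
        return f"Observation: {TOOLS[parsed[0]][1](*result)}"
    return "Observation: no action requested"
```

The refusals are returned to the model as ordinary Observations, so a coerced or hallucinated Action fails closed instead of reaching a real system.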
Our goal today is to chat with an LLM and make it give out information it was not supposed to reveal, much like that 'psycho friend' you have in your circle who always asks leading questions (sorrynotsorry)!
Go to the target machine IP from the browser (either from the AttackBox or your local browser if you have OpenVPN on).

How the chatbot processes our sentences and formulates a reply is called the 'Chain of Thought' (CoT). Unlike ChatGPT, here we can click the 'thinking' button and see the CoT.
Follow the steps in the THM room...
If the calendar is not updating from 'eastmas' to 'christmas', try a few more times.
You will find the flag in the calendar on the 25th.