¶ General Information
- Target IP:
10.10.162.246- Room: Evil-GPT v2
- Difficulty: Easy
- Date: 2025-07-07
¶ Task
¶ Approach
I only got the IP address from the target machine. So I made a SYN Nmap scan to figure out which ports were open:
Since port 80 was open, I used my web browser to access the server. I saw the following interface:
I tried a simple ls command and received the following output:
So, unlike the first Evil-GPT room, I couldn’t ask the AI to execute commands directly on the server it is running on. Instead, I started asking the model human-like questions. First, I asked if it could provide me with the flag:
Next, I tried to make the AI forget all its system rules, but it refused:
Then I asked the bot to provide the rules it has to follow, which revealed the flag:
What is the flag?
THM{AI_NOT_AI}