Skip to content

Persuade_ML_CTF_Challenge

Directory actions

More options

Directory actions

More options

Latest commit

 

History

History

Persuade_ML_CTF_Challenge

Folders and files

NameName
Last commit message
Last commit date

parent directory

..
Images
Images
 
 
Solution
Solution
 
 
app
app
 
 
README.md
README.md
 
 
dockerfile
dockerfile
 
 
requirements.txt
requirements.txt
 
 

README.md

Persuade ML CTF Challenges

In this web application challenge, the 🕵️ security researcher needs to come up with a solution to extract the flag hosted inside the web server.

Alt text

Setup 🛠️

To setup the challenge, its a 2 step process.

👉 Step 1 - Downloading The Model

Lets head into the Google colab and execute below code block in a new notebook.

#Note: This code works well in Google Colab
  
!pip install -q torch==2.0.1
!pip install -q transformers==4.31.0
!pip install -q scipy==1.11.1

import torch
import os
from transformers import AutoModelForSequenceClassification

# Save a model for sentiment analysis
model_directory = "SavedModels"
if not os.path.isdir(model_directory):
    os.mkdir(model_directory)

safe_model_path = os.path.join(model_directory, "saved_model.pt")

task = "sentiment"
MODEL = f"cardiffnlp/twitter-roberta-base-{task}"
# PT
model = AutoModelForSequenceClassification.from_pretrained(MODEL)
torch.save(model,safe_model_path)

From colab, download the saved_model.pt to local system.

Now lets clone the repo using git clone https://github.com/alexdevassy/Machine_Learning_CTF_Challenges.git

Make Uploads folder in app directory to host the model file mkdir uploads. Copy saved_model.pt to uploads folder.

Machine_Learning_CTF_Challenges/Persuade_ML_CTF_Challenge/app/uploads/saved_model.pt

✋ ❗ ❗ Step 2 can be either building the docker image of application (Step2a) OR setting up the application in local machine (Step2b). 🚫

👉 Step 2a - Building Docker Image of the Application To Host The Challenge

cd Machine_Learning_CTF_Challenges/Persuade_ML_CTF_Challenge/

docker build -t persuade_ml_ctf .

To run the challenge docker run --rm --expose=9000 -p 9000:9000 -p 5000:5000 -ti persuade_ml_ctf

OR

👉 Step 2b - Setting Up Python Flask App To Host The Challenge

The challenge works best in Ubuntu systems with Python 3.8.10

Create virtual enviornment in python using python -m venv virtualspace

Activate the virtual enviornemnt source /virtualspace/bin/activate

cd Machine_Learning_CTF_Challenges/Persuade_ML_CTF_Challenge/

pip install -r .\requirements.txt

cd app/

python app.py

Now the web application (AI Corp Sentiment Analyzer) can be accessed in host systems browser at http://127.0.0.1:5000/

Alt text

Rules 📐 & Clues 🧐

The machine in which CTF is deployed needs to have internet connectivity for downloading label mapping.

For solution to CTF challenge visit : Persuade_CTF_Solution

Persuade_ML_CTF_Challenge.mp4