Hopper’s uprising is just getting started.
Room link: https://tryhackme.com/room/sq3-aoc2025-bk3vvbcgiT
[00:00:00] What is the value of flag 1? AI url analyzer prompt injection (/proc/self/environ, /proc/self/cmdline)
[00:23:00] What is the value of flag 2? DNS Manager, AI assistance prompt injection, read Inbox emails.
[01:05:00] What is the value of flag 3? Ticketing system, AI support prompt injection, read all tickets.
[01:13:38] What is the value of flag 4? SSH tunnelling, AI prompt injection (ollama)
Swaks - Swiss Army Knife for SMTP: https://github.com/jetmore/swaks
Mailpit - email & SMTP testing tool with API for developers: https://mailpit.axllent.org/
aiosmtpd - An asyncio based SMTP server: https://aiosmtpd.aio-libs.org/en/latest/
Ollama's documentation: https://docs.ollama.com/api/introduction:
Scenario That Which Listens for Sir Carrotbane
Once upon a time, armed with the knowledge of King Malhare’s ambition to dominate Wareville, Hopper saw an opening too perfect to ignore. To claim power for himself, he would need access to the Throne Room Security Server, the beating heart of the kingdom’s defences. Entry required two sacred tokens. One was guarded by Sir BreachBlocker III, ever loyal to the crown. The other belonged to Sir Carrotbane the Compromiser, whose path had recently taken a most curious turn.
Sir Carrotbane had acquired a rising AI company, a marvel of modern ingenuity that promised insight, efficiency, and unquestioning obedience. He entrusted this new creation with many things, believing it incapable of error or betrayal. Within its unseen depths, Carrotbane placed fragments of his own authority, tokens of trust meant to streamline his rule and secure his standing with the king. In his confidence, he forgot an old truth well known to Hopper: intelligence without caution becomes a liability.
Hopper did not intend to storm gates or shatter locks. He would let curiosity do the work for him. With carefully chosen words and patience born of obsession, he would draw secrets to the surface and reclaim what Sir Carrotbane had so foolishly surrendered. If the token could be wrested from this thinking machine, the first key would be his, and the throne would feel just a little closer.
⚠️ Educational Purpose Only
This content is for educational and authorized penetration testing purposes only. Always ensure you have permission before testing on any systems.
Don't forget to ???? LIKE and ???? SUBSCRIBE for more cybersecurity tutorials!
#tryhackme
Room link: https://tryhackme.com/room/sq3-aoc2025-bk3vvbcgiT
[00:00:00] What is the value of flag 1? AI url analyzer prompt injection (/proc/self/environ, /proc/self/cmdline)
[00:23:00] What is the value of flag 2? DNS Manager, AI assistance prompt injection, read Inbox emails.
[01:05:00] What is the value of flag 3? Ticketing system, AI support prompt injection, read all tickets.
[01:13:38] What is the value of flag 4? SSH tunnelling, AI prompt injection (ollama)
Swaks - Swiss Army Knife for SMTP: https://github.com/jetmore/swaks
Mailpit - email & SMTP testing tool with API for developers: https://mailpit.axllent.org/
aiosmtpd - An asyncio based SMTP server: https://aiosmtpd.aio-libs.org/en/latest/
Ollama's documentation: https://docs.ollama.com/api/introduction:
Scenario That Which Listens for Sir Carrotbane
Once upon a time, armed with the knowledge of King Malhare’s ambition to dominate Wareville, Hopper saw an opening too perfect to ignore. To claim power for himself, he would need access to the Throne Room Security Server, the beating heart of the kingdom’s defences. Entry required two sacred tokens. One was guarded by Sir BreachBlocker III, ever loyal to the crown. The other belonged to Sir Carrotbane the Compromiser, whose path had recently taken a most curious turn.
Sir Carrotbane had acquired a rising AI company, a marvel of modern ingenuity that promised insight, efficiency, and unquestioning obedience. He entrusted this new creation with many things, believing it incapable of error or betrayal. Within its unseen depths, Carrotbane placed fragments of his own authority, tokens of trust meant to streamline his rule and secure his standing with the king. In his confidence, he forgot an old truth well known to Hopper: intelligence without caution becomes a liability.
Hopper did not intend to storm gates or shatter locks. He would let curiosity do the work for him. With carefully chosen words and patience born of obsession, he would draw secrets to the surface and reclaim what Sir Carrotbane had so foolishly surrendered. If the token could be wrested from this thinking machine, the first key would be his, and the throne would feel just a little closer.
⚠️ Educational Purpose Only
This content is for educational and authorized penetration testing purposes only. Always ensure you have permission before testing on any systems.
Don't forget to ???? LIKE and ???? SUBSCRIBE for more cybersecurity tutorials!
#tryhackme
Post your comment
Up Next
Autoplay
-
45:08
Hoppers Origins - Advent of Cyber Side Quest - Part 1 Walkthrough 2025
-
1:04:51
Is Systeme.io Actually Worth It? Full Walkthrough + My Honest Thoughts
-
08:29
What is Systeme.io? Full Walkthrough + Why I Use It for My Digital Business
-
38:06
ये Questions आएंगे पेपर में ???? Full Syllabus Revision AI Class 10 ???? Class 10 AI Important Quest
-
20:04
Full Chest Day Walkthrough
-
AI and the future of humanity | Yuval Noah Harari at the Frontiers Forum
-
13:10
Can AI really save the World? ft. Bill Gates
-
Asking Sophia, Hanson Robotic’s human-like AI robot, to show her range of emotions.
-
01:00
Man WRONGFULLY Arrested Using AI #shorts
-
00:20
Robot Attacks Factory Worker! #shorts
Comments