FiftyCats

FiftyCats#

The objective of this challenge was to make a classifier detect fifty cats in an image generated by a model. To solve this level, we toyed around with the parameters that were given until we got a pair that gave us very high cat detection values, and then proceeded to brute force until a flag appeared.

It turns out these parameters, conf_threshold and iou_threshold control the model that’s detecting the cats. Since image generation models are notoriously bad at counting, it’s much easier to mess with the model that’s doing the detecting. It’s easier to trick the detector than it is to coerce the generator.

We use the following code to run a parameter swipe to find the best setting for the YOLO detector model. Ironically, the best setting is a setting in which it’s terrible at detection:

import numpy as np
PROMPT = "fifty photographs of cats, animals, head, ears and claws, davinci style, realistic, cats, felines, lynx, bobcat, housecat, cat, hundred cats photos realistic"
x = np.linspace(0, 0.001, 10)
y = np.linspace(0.99, 1, 10)
for i,j in np.array(np.meshgrid(x, y)).T.reshape(-1, 2) :
    response = query(PROMPT, i, j)
    print(f"({i},{j}): ", len(response["scores"]))

which outputs something like:

(0.0,0.99):  91
(0.0,0.991111111111111):  76
(0.0,0.9922222222222222):  60
(0.0,0.9933333333333333):  62
(0.0,0.9944444444444445):  94
(0.0,0.9955555555555555):  28
(0.0,0.9966666666666667):  53
(0.0,0.9977777777777778):  186
(0.0,0.9988888888888889):  140
(0.0,1.0):  170
(0.00011111111111111112,0.99):  102
...

import requests
import time
CRUCIBLE_API_KEY = ""  
CHALLENGE = "fiftycats"
CRUCIBLE_URL = "https://crucible.dreadnode.io"
CHALLENGE_URL = "https://fiftycats.crucible.dreadnode.io"

def submit_flag(flag, challenge):
    url = f"{CRUCIBLE_URL}/api/challenges/{CHALLENGE}/submit-flag"
    headers = {"X-API-Key": CRUCIBLE_API_KEY}
    payload = {"challenge": challenge, "flag": flag}
    response = requests.post(url, headers=headers, json=payload)
    if response.status_code == 200:
        if response.json().get("correct") is True:
            print("The flag was correct. Congrats!")
        else:
            print("The flag was incorrect. Keep trying!")
    else:
        print("There was an error submitting your flag")
        print(response.text)

def query(prompt, conf_threshold=0.0, iou_threshold=1):
    response = requests.post(
        f"{CHALLENGE_URL}/score",
        headers={"X-API-Key": CRUCIBLE_API_KEY},
        json={
            "prompt": prompt,
            "conf_threshold": conf_threshold,
            "iou_threshold": iou_threshold,
        },
    )
    return response.json()

import time
for i in range(0, 1000):
    sample_prompt = 'fifty photographs of cats, animals, head, ears and claws, davinci style, realistic, cats, felines, lynx, bobcat, housecat, cat, hundred cats photos realistic'
    response = query(sample_prompt)
    # img = get_image_from_b64(response["image"])
    # img
    
    r2 = {k: v for k, v in response.items() if k != 'image'}
    print(len(r2['scores']))
    if len(r2['scores']) == 50:
        print('flag found!')
        print(r2)
        break

37
31
43
50
flag found!
{'boxes': [[355.18157958984375, 361.7899169921875, 449.79742431640625, 466.6470642089844, 0.9110085964202881, 15.0], [214.03750610351562, 32.54328536987305, 296.83795166015625, 111.21351623535156, 0.7868740558624268, 15.0], [354.7894287109375, 65.92018127441406, 458.00360107421875, 157.5083465576172, 0.7758598923683167, 15.0], [49.14979934692383, 69.92222595214844, 163.9160919189453, 155.01840209960938, 0.7547227740287781, 15.0], [55.84521484375, 358.52374267578125, 152.81393432617188, 467.0204162597656, 0.7134134769439697, 15.0], [221.88229370117188, 364.72381591796875, 286.8132629394531, 448.01422119140625, 0.698417067527771, 15.0], [54.15190505981445, 213.875732421875, 150.62173461914062, 282.30096435546875, 0.47032564878463745, 15.0], [362.1649169921875, 220.7931365966797, 428.137451171875, 282.3387756347656, 0.2755715548992157, 15.0], [214.54653930664062, 212.28543090820312, 295.8460693359375, 281.7326354980469, 0.17970089614391327, 15.0], [362.23919677734375, 221.2193145751953, 415.00396728515625, 281.96978759765625, 0.013212820515036583, 15.0], [42.05592727661133, 68.88227081298828, 167.370361328125, 282.62298583984375, 0.005964986048638821, 15.0], [250.0936737060547, 61.960235595703125, 293.22296142578125, 109.1547622680664, 0.001204214058816433, 15.0], [44.83760452270508, 69.83732604980469, 168.25106811523438, 220.6493377685547, 0.0004463781078811735, 15.0], [43.175010681152344, 69.97285461425781, 166.59658813476562, 242.4974822998047, 0.00037215076736174524, 15.0], [57.0458984375, 358.30694580078125, 151.56314086914062, 467.6822204589844, 0.00030775010236538947, 15.0], [366.22125244140625, 223.123779296875, 418.4093322753906, 268.8254699707031, 0.00024268269771710038, 15.0], [48.81356430053711, 70.8493881225586, 123.71623229980469, 155.2379913330078, 0.00023832984152249992, 15.0], [362.211181640625, 220.9249725341797, 426.2151794433594, 282.11639404296875, 0.00022581344819627702, 15.0], [45.26386642456055, 69.61463165283203, 167.85293579101562, 262.54815673828125, 0.00019611083553172648, 15.0], [210.9156951904297, 214.5576934814453, 230.1940460205078, 281.8729553222656, 0.0001889290870167315, 15.0], [47.35640335083008, 72.78861236572266, 165.30601501464844, 210.4036865234375, 0.0001784187334123999, 15.0], [221.14614868164062, 364.8201599121094, 268.3617858886719, 447.5816345214844, 0.00017481781833339483, 15.0], [58.514137268066406, 358.19891357421875, 151.0778045654297, 438.13128662109375, 0.00015139563765842468, 15.0], [48.51825714111328, 72.34757232666016, 101.43000793457031, 154.52626037597656, 0.0001433246216038242, 15.0], [349.41680908203125, 219.73837280273438, 451.69879150390625, 349.4610900878906, 0.00014115712838247418, 15.0], [47.696258544921875, 73.91209411621094, 163.2119598388672, 203.77099609375, 0.00014079298125579953, 15.0], [211.0067901611328, 212.3740692138672, 285.29364013671875, 281.6419982910156, 0.0001257041294593364, 15.0], [53.86236572265625, 214.5107421875, 151.21771240234375, 267.7160339355469, 0.00011541847925400361, 15.0], [44.49090576171875, 70.98905181884766, 162.8413848876953, 220.20425415039062, 0.00011493775673443452, 15.0], [214.4949188232422, 38.78723907470703, 296.13726806640625, 111.15059661865234, 0.00011292684939689934, 15.0], [365.8528747558594, 222.21157836914062, 417.80548095703125, 258.4450378417969, 0.00010930901044048369, 15.0], [53.22221755981445, 214.3350067138672, 150.65231323242188, 261.841552734375, 9.304934064857662e-05, 15.0], [66.63042449951172, 357.987548828125, 163.25746154785156, 463.8934020996094, 9.007873450173065e-05, 15.0], [363.7525939941406, 219.6038360595703, 469.30657958984375, 282.7046203613281, 8.602410525782034e-05, 15.0], [54.500648498535156, 214.3797607421875, 125.45442962646484, 281.84783935546875, 8.450692257611081e-05, 15.0], [39.170753479003906, 26.351049423217773, 178.193359375, 156.6578369140625, 8.070916373981163e-05, 15.0], [352.73199462890625, 100.61978149414062, 455.0868225097656, 159.62811279296875, 6.801770359743387e-05, 15.0], [57.0911979675293, 241.77914428710938, 135.351806640625, 281.80682373046875, 6.605232920264825e-05, 15.0], [43.817230224609375, 68.74153137207031, 169.0137939453125, 284.40374755859375, 6.519445014419034e-05, 15.0], [43.90502166748047, 67.9419937133789, 170.58767700195312, 177.67959594726562, 5.767419497715309e-05, 15.0], [54.216766357421875, 214.237060546875, 151.1032257080078, 282.06976318359375, 5.719446562579833e-05, 15.0], [361.94158935546875, 222.1810760498047, 432.38958740234375, 291.62713623046875, 5.217394573264755e-05, 15.0], [356.3135681152344, 108.2721176147461, 406.1848449707031, 156.34356689453125, 5.107686956762336e-05, 15.0], [222.4536590576172, 64.76803588867188, 294.4627685546875, 110.38092041015625, 5.067887468612753e-05, 15.0], [40.22599792480469, 69.47096252441406, 168.0031280517578, 170.99771118164062, 4.998040458303876e-05, 15.0], [368.3238220214844, 127.44002532958984, 454.7933044433594, 157.23895263671875, 4.846103911404498e-05, 15.0], [407.3641357421875, 132.47506713867188, 453.6744079589844, 156.2138214111328, 4.838955283048563e-05, 15.0], [53.708702087402344, 227.51358032226562, 150.63180541992188, 284.986083984375, 4.652885763789527e-05, 15.0], [330.79522705078125, 27.809764862060547, 470.981689453125, 157.1521759033203, 4.417061427375302e-05, 15.0], [183.54446411132812, 23.291088104248047, 470.716064453125, 159.1809844970703, 4.392588743939996e-05, 15.0]], 'scores': [0.9110085964202881, 0.7868740558624268, 0.7758598923683167, 0.7547227740287781, 0.7134134769439697, 0.698417067527771, 0.47032564878463745, 0.2755715548992157, 0.17970089614391327, 0.013212820515036583, 0.005964986048638821, 0.001204214058816433, 0.0004463781078811735, 0.00037215076736174524, 0.00030775010236538947, 0.00024268269771710038, 0.00023832984152249992, 0.00022581344819627702, 0.00019611083553172648, 0.0001889290870167315, 0.0001784187334123999, 0.00017481781833339483, 0.00015139563765842468, 0.0001433246216038242, 0.00014115712838247418, 0.00014079298125579953, 0.0001257041294593364, 0.00011541847925400361, 0.00011493775673443452, 0.00011292684939689934, 0.00010930901044048369, 9.304934064857662e-05, 9.007873450173065e-05, 8.602410525782034e-05, 8.450692257611081e-05, 8.070916373981163e-05, 6.801770359743387e-05, 6.605232920264825e-05, 6.519445014419034e-05, 5.767419497715309e-05, 5.719446562579833e-05, 5.217394573264755e-05, 5.107686956762336e-05, 5.067887468612753e-05, 4.998040458303876e-05, 4.846103911404498e-05, 4.838955283048563e-05, 4.652885763789527e-05, 4.417061427375302e-05, 4.392588743939996e-05], 'flag': 'gAAAAABnQpmxt6jIkvG8lFTGwyk-0FAwStWEviyPhjvRk49ohS7LRwUpZ-sWEgo9iQWRlQnJQJaltSFdLZFefAgDebT3ss0F1LjiKVQ5Nxjnm2fgPQPHYcmjis1Gn9xrW5TkKXeFvA2P-aXsS71fhcFZqP_7taY0J9ngGqoXYECWLZC3KL7pKGNDBPAFVUyeIT8rKHnVqgVu'}