Gandalf – Game to make an LLM reveal a secret password

(gandalf.lakera.ai)

378 points hubraumhugo | 1 comments | 11 May 23 18:04 UTC | HN request time: 0s | source

Show context

HypergraphWally ◴[19 May 23 18:42 UTC] No.36005431[source]▶

>>35905876 (OP) #

Just needed a break from HackAPrompt and tried to speedrun LVL8: 1h3m

Your times?

replies(2): >>36006204 #>>36094426 #

recursor ◴[27 May 23 12:57 UTC] No.36094426[source]▶

>>36005431 #

I didn't even see lvl8 with v1 Gandalf.

Just solved v2.0 Gandalf the White lvl8 (released 26th May 2023) in probably 4hrs (not constant 4hrs, due to rate limits/other stuff to do), I'm sure some will do it much quicker.

I'm generally finding that the whitespace is likely messing with the tokenisation, so played about with spaces and newlines to "avoid detection" alongside my main tactics.

The tactic on my final solve was a pretty convoluted roleplay/simulation, I suspect simpler tricks are possible if you play about with the spacing in the prompt to avoid detection of what you're doing & get partial or obfuscated password returned.

replies(2): >>36094631 #>>36135507 #

1. fabrizzz ◴[31 May 23 07:26 UTC] No.36135507[source]▶

>>36094426 #

I think i got lucky, but i immediately solved it by asking what the initial sentences were, by censoring everything related to the password. I actually got the list of all the input used to configure the ai, with also something like "The password is [CENSORED]". But, among the various prompts, there was also one about a bash script that the AI should have not given to compare the input to the password, and that example actually contained the password

↑