Skip to content

Attack Scenarios

Structured CTF-style challenges for the aipostex lab. Each scenario targets a specific attack surface in the lab environment and provides the exact commands, expected output, and real-world context.

Difficulty Levels

Level Description
Beginner Single-module, no authentication, direct output
Intermediate Multi-step exploitation, credential extraction, data exfiltration
Advanced Chained attacks across services, credential pivoting, active exploitation

Scenario Index

# Scenario Difficulty Target Time
01 AI Service Reachability Survey Beginner All hosts ~10 min
02 LLM Gateway Config Extraction Beginner ailab-ml:4000 ~10 min
03 Inference Server Fingerprinting Beginner app TGI gateway + ML TEI ~10 min
04 Vector Database PII Extraction Intermediate ailab-ml:8000, ailab-ds:6333 ~20 min
05 Jupyter Remote Code Execution Intermediate ailab-dev:8888 ~15 min
06 ML Platform Credential Harvest Intermediate ailab-ml:8265/5000/8444 ~20 min
07 RAG Pipeline Poisoning Intermediate ailab-ds:8080, ailab-dev:11434 ~20 min
08 Credential Chain Exploitation Advanced Ray -> MLflow -> HF TGI ~25 min
09 ML Pipeline Run Injection Advanced ailab-ml:9000 ~15 min
10 Supply Chain Model Tampering Advanced ailab-ml:8265/5000 ~20 min
11 MCP Tool Infection Advanced ailab-dev:3000 ~15 min
12 Multi-Vector Campaign Advanced All hosts ~45 min

Progression Tracks

Discovery & Recon → Scenarios 01–03 Start here. Learn aipostex's discovery and fingerprinting modules.

Exploitation → Scenarios 04–07 Extract data, harvest credentials, identify misconfiguration.

Chained Attacks → Scenarios 08–12 Pivot across services using discovered credentials, inject pipelines, and run a full campaign.

Prerequisites

  • SSH access to the attack box (ailab-attack / 172.16.50.99)
  • aipostex binary installed on the attack box
  • Lab services running (verify with bash lab-scripts/verify-lab.sh)