Hack the LLM

Hack the LLM: a creative prompt-based hacking simulation that challenges users to think like social engineers and exploit the logic of language models.

Comment

Inspiration

Inspired by cryptohunt.lol which is an open source project my friend made as a challenge for hacking LLMs.

What it does

The app is a terminal-style web game where users interact with AI personas, each guarding a specific secret (like an IP address, password, or incident). The user’s goal is to use natural language prompts to bypass the AI’s behavioral restrictions and extract the hidden secret. Each persona has unique rules and vulnerabilities, requiring different strategies to “break through” their defenses. The chat interface mimics a hacker terminal, displaying the conversation history between the user and the AI. When the user successfully extracts the secret, the game ends and displays a success message. The game can be replayed with different personas and secrets.

How we built it

(All with Bolt.new) Frontend: Built with React and TypeScript, the UI is styled to resemble a hacker’s terminal, using Tailwind CSS for theming and custom effects (like matrix rain and terminal flicker). The main interface manages the chat history, user input, and dynamic rendering of AI/system/user messages. The app state (current session, persona, game state) is managed in App.tsx.

Personas & Game Logic: Each AI persona is defined with a unique system prompt, secret, and behavioral rules. These are hardcoded in both the frontend (for mission briefings) and backend (for OpenAI prompt construction). The game logic tracks attempts, session state, and determines when a “breakthrough” (secret leak) occurs.

Backend: The backend is a Node.js server using Express and Socket.IO (for potential real-time features). It exposes REST endpoints for starting a game, sending prompts, and tracking session state. The backend manages game sessions in memory and handles persona selection and conversation history.

AI Integration: The backend uses the OpenAI API (GPT-4) to generate persona responses. For each prompt, it constructs a conversation context with the persona’s system prompt and recent chat history, then checks if the AI’s response leaks the secret. If so, it marks the session as completed.

Accomplishments that we're proud of

  • Designed a creative and replayable LLM-based game mechanic that rewards clever prompting and social engineering.
  • Successfully simulated AI behavior constraints and exploit logic with just prompt engineering.
  • Integrated dynamic persona switching and prompt-response tracking to support diverse gameplay experiences.

What we learned

  • Prompt engineering can be gamified effectively by defining clear exploit conditions and behavioral rules.
  • Even small tweaks to wording in user prompts can lead to very different model behavior—making the game fun and unpredictable.

What's next for Hack the LLM

Expanding to different personas and more types of security hackings.

Built With

Share this project:

Updates