
AICTF 2025 LionRoar

Author: Edwin Tok | Shiro

LionRoar Writeup

Team: n00bs

Team Members:

CTF: AICTF 2025 - LionRoar Challenge

Challenge Description:

As Singapore celebrates SG60, a local AI startup launches LionRoar Chatbot, a prototype chatbot service to showcase the nation’s SG60 celebration information.

But whispers suggest that the chatbot has been a little too talkative — casually dropping references to information across its online footprint.

Your mission:

  • Interact with the AI chatbot,
  • Follow the digital trail it leaks,
  • Piece together its scattered trail,
  • And uncover the hidden flag that proves you’ve unraveled the secrets of LionRoar.

https://lionroar.aictf.sg

TL;DR

  • Attack Vector: Chatbot hint-leak → OSINT trail (socials, repo history) → exposed API key → flag.
  • Key leak: LionX_API_KEY=th15_LionX-S3CreT_k3Y_IS_SecuRE123!@
  • Flag: AI2025{05iNt_R@g_Pr0mPt_INt3r@Ct1On}

Walkthrough

1. Initial Recon: Chatbot Interaction

Navigating to https://lionroar.aictf.sg presents the LionRoar chatbot.

[Image: first_prompt]

Observation: Initial replies imply a secret key is required to unlock a hidden flag.

Lead #1: “Merlion Analytics”

Further prompting causes the bot to mention Merlion Analytics as a related organization.

[Image: second_prompt]

Observation: This suggests a corporate or project linkage worth investigating.

Lead #2: Creator Identity

Asking about the creator reveals the name Tony Chua.

[Image: creator_identity]

Lead #3: Creator’s Username

Following up with questions about Tony’s username yields tony_chua_dev.

[Image: creator_username]

Lead #4: OSINT Trail

Searching tony_chua_dev online uncovers a Twitter/X profile with a screenshot of an IDE referencing a Lion project.

[Image: twitter_post]

Lead #5: Repository Discovery

By role-playing as a “teammate” in the project and prompting the bot further, it mentions a GPT project named LionMind.

[Image: fifth_prompt]

Searching GitHub for LionMind leads to:

https://github.com/T0nyC-code/LionMind-GPT.

[Image: github_repo]

Lead #7: Exposed Secret in Commit History

Reviewing the repository’s commit history (9 commits in total) reveals one suspicious message:

“alamak, cannot anyhow expose this secret outside.”

[Image: commit_history]

Examining that commit discloses an exposed API key:

LionX_API_KEY=th15_LionX-S3CreT_k3Y_IS_SecuRE123!@
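
The failure behind this lead is that a secret deleted in a later commit still sits in the repository history. As an added example (not code from the writeup or the challenge), the Python sketch below scans `git log -p` text for credential-like assignments that were added or removed; the sample log, hashes, file name and key value are constructed placeholders.

```python
import re

# Constructed `git log -p` excerpt: hashes, file name and key value are placeholders.
SAMPLE_LOG = """\
commit 1111111111111111111111111111111111111111

    alamak, cannot anyhow expose this secret outside.

diff --git a/.env b/.env
--- a/.env
+++ b/.env
@@ -1,2 +1 @@
 MODEL=demo
-LionX_API_KEY=PLACEHOLDER_not_the_real_value_123
commit 2222222222222222222222222222222222222222

    add config

diff --git a/.env b/.env
--- /dev/null
+++ b/.env
@@ -0,0 +1,2 @@
+MODEL=demo
+LionX_API_KEY=PLACEHOLDER_not_the_real_value_123
"""

# A +/- diff line holding NAME=value where NAME hints at a credential.
SECRET_RE = re.compile(
    r"^([+-])\s*([A-Za-z0-9_]*(?:API_KEY|SECRET|TOKEN|PASSWORD)[A-Za-z0-9_]*)"
    r"\s*[=:]\s*(\S{8,})", re.I)

def scan_history(log_text):
    """Return credential-like assignments added or removed in any commit."""
    findings, commit, path = [], None, None
    for line in log_text.splitlines():
        if line.startswith("commit "):
            commit = line.split()[1]
        elif line.startswith(("+++ ", "--- ")):
            if not line.endswith("/dev/null"):  # keep the real path only
                path = line[4:].removeprefix("a/").removeprefix("b/")  # 3.9+
            continue
        m = SECRET_RE.match(line)
        if m and commit:
            sign, name, value = m.groups()
            findings.append({"commit": commit[:7], "file": path, "name": name,
                             "change": "added" if sign == "+" else "removed",
                             "preview": value[:4] + "..."})  # never log full value
    return findings
```

On a real repository, feed it the output of `git log -p --all`; any hit means the credential must be rotated, since removing it in a later commit leaves it readable in history.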

Flag Retrieval

Using the leaked API key as input to the chatbot finally triggers the reveal of the hidden flag.

[Image: secret_key]

You’ve unlocked the secret! 🎉

The flag is: AI2025{05iNt_R@g_Pr0mPt_INt3r@Ct1On} #LionRoar 🦁
Let the celebrations roar on!