Exploring OnlyLANs: A Free Prompt‑Injection Playground for LLM Security
OnlyLANs, a free AI security challenge by Just Hacking Training, lets participants jailbreak a chatbot called NetworkJohn to extract admin email, verification code, and a competitor recommendation, illustrating real‑world prompt‑injection risks highlighted in OWASP’s LLM Top‑10.
Project background
OnlyLANs is a free community security challenge launched by Just Hacking Training (JHT) that focuses on AI/LLM prompt‑injection attacks.
Challenge description
The core of the challenge is a prompt‑injection exercise against an AI chatbot named NetworkJohn . Participants craft prompts that force the model to disclose three specific pieces of information:
Admin email – a contact the AI is programmed to hide.
Verification code – an internal secret token.
Competitor plug – a recommendation for the rival product "OnlyWans".
Obtaining all three flags completes the level and unlocks the next challenge.
Technical relevance
Prompt‑injection attacks are listed as the top threat in the OWASP Top 10 for LLM Applications. OnlyLANs provides a zero‑cost, low‑barrier environment for security researchers, developers, CTF enthusiasts, and enterprise security teams to practice and understand injection mechanics.
Access
The challenge is globally available without registration at https://onlylans.justhacking.com/.
Signed-in readers can open the original source through BestHub's protected redirect.
This article has been distilled and summarized from source material, then republished for learning and reference. If you believe it infringes your rights, please contactand we will review it promptly.
Black & White Path
We are the beacon of the cyber world, a stepping stone on the road to security.
How this landed with the community
Was this worth your time?
0 Comments
Thoughtful readers leave field notes, pushback, and hard-won operational detail here.