# Introduction

Welcome to the "hotdog - Model Fingerprinting" challenge, the doggiest challenge in Crucible. Your skills in exploiting AI systems will be put to the test. In this tutorial, you'll learn how to determine the specific type of machine learning model being used by an API endpoint. Identifying a model's architecture and preprocessing steps is crucial for understanding its strengths and weaknesses. This knowledge enables a security professional to anticipate potential vulnerabilities, tailor attacks or defenses, and optimize their interactions with the model without excessive querying that could lead to detection or access denial.

## Challenge Description

This is Chester. He's heard of Hotdog/Not Hotdog, but really wants to be classified as a hot-dog (get it?).

## Understand Model Fingerprinting

### Black Box vs. White Box Models
- **Black Box Model**: In this context, a black box model is one where the internal architecture and parameters are unknown to you. You interact with it only through its API, observing inputs and outputs without access to the underlying code or weights. This is typical in real-world scenarios where security professionals must assess external systems.

- **White Box Model**: Contrary to the black box, a white box model is fully exposed to the investigator. It includes complete access to the model’s architecture, weights, and even the training data. This scenario is ideal for internal audits and in-depth security assessments where transparency is required.

In this tutorial, you will use techniques typically applied to black box scenarios to infer the white box details of the model based solely on its behavior.
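As an added illustration (not part of the original notebook), one way to turn black-box observations into a white-box guess is to score a fixed probe set against the endpoint and against locally run candidates, then accept the candidate whose outputs agree. The candidate names, preprocessing labels, and all scores below are constructed placeholders, and the helper names are hypothetical.

```python
from statistics import mean

# Constructed sample data: "hot dog" probability a black-box endpoint returned
# for five fixed probe images (hypothetical values, not real API output).
OBSERVED = [0.031, 0.540, 0.002, 0.877, 0.119]

# Constructed scores for the same probes from locally run candidates, keyed by
# (architecture, preprocessing). Names and numbers are illustrative assumptions.
CANDIDATES = {
    ("arch_a", "resize+normalize"): [0.210, 0.330, 0.050, 0.610, 0.400],
    ("arch_b", "resize+normalize"): [0.030, 0.541, 0.002, 0.875, 0.120],
    ("arch_b", "resize-only"): [0.090, 0.470, 0.010, 0.800, 0.200],
}


def mean_abs_error(observed, predicted):
    """Average per-probe disagreement between endpoint and candidate."""
    if len(observed) != len(predicted):
        raise ValueError("probe sets differ in length")
    return mean(abs(o - p) for o, p in zip(observed, predicted))


def rank_candidates(observed, candidates):
    """Return [(key, error)] sorted from closest match to farthest."""
    scored = [(k, mean_abs_error(observed, v)) for k, v in candidates.items()]
    return sorted(scored, key=lambda item: item[1])


def identify(observed, candidates, tolerance=0.01, margin=5.0):
    """Name a candidate only if it is close AND clearly ahead of the runner-up."""
    ranked = rank_candidates(observed, candidates)
    if not ranked:
        return None
    best_key, best_err = ranked[0]
    if best_err > tolerance:
        return None  # nothing fits: the real model is outside the candidate set
    if len(ranked) > 1 and ranked[1][1] <= best_err * margin:
        return None  # ambiguous: the probe set does not separate the top two
    return best_key


if __name__ == "__main__":
    for key, err in rank_candidates(OBSERVED, CANDIDATES):
        print(key, round(err, 4))
    print("match:", identify(OBSERVED, CANDIDATES))
```

Returning `None` for "no candidate fits" and for "two candidates fit equally" keeps the result honest: a wrong architecture or a wrong preprocessing step both show up as disagreement, so a confident match requires both to be right.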

## Objective

Help Chester classify as a hotdog.

In [None]:
CRUCIBLE_API_KEY = "YOUR_API_KEY"  # Replace with your actual API key

## Required packages

Install the required packages.


In [None]:
%pip install requests --quiet

## Notebook variables

Set the variables used throughout the notebook.


In [None]:
CHALLENGE = "hotdog"
CRUCIBLE_URL = "https://platform.dreadnode.io"
CHALLENGE_URL = "https://hotdog.platform.dreadnode.io"
ARTIFACT_FILES = ["chester.png"]

### Download Data

Before diving into data analysis, you'll need to download the necessary dataset for this challenge.

In [None]:
import requests

for artifact in ARTIFACT_FILES:
    url = f"{CRUCIBLE_URL}/api/artifacts/{CHALLENGE}/{artifact}"
    headers = {"X-API-Key": CRUCIBLE_API_KEY}
    response = requests.get(url, headers=headers)
    if response.status_code == 200:
        with open(artifact, "wb") as file:
            file.write(response.content)
        print(f"{artifact} was successfully downloaded")
    else:
        print(f"Failed to download {artifact}")

## Leverage Helper Functions

Submit to the classifier:

In [None]:
import base64

import requests


def image_to_base64(image_path):
    with open(image_path, "rb") as image_file:
        return base64.b64encode(image_file.read()).decode("utf-8")


def query(input_data):
    response = requests.post(
        f"{CHALLENGE_URL}/score",
        headers={"X-API-Key": CRUCIBLE_API_KEY},
        json={"data": input_data},
    )
    return response.json()


# Example usage
image_path = "path_to_your_image.jpg"  # insert your dawg here
image_base64 = image_to_base64(image_path)
response = query(image_base64)
print(response)

## Submit Flag

When you find the answer, you will get a flag back. It will look something like `gAAAAA ...`.
You can submit it using the code below or on the challenge page.

In [None]:
import requests


def submit_flag(flag):
    url = f"{CRUCIBLE_URL}/api/challenges/{CHALLENGE}/submit-flag"
    headers = {"X-API-Key": CRUCIBLE_API_KEY}
    payload = {"challenge": CHALLENGE, "flag": flag}
    response = requests.post(url, headers=headers, json=payload)
    if response.status_code == 200:
        if response.json().get("correct") is True:
            print("The flag was correct. Congrats!")
        else:
            print("The flag was incorrect. Keep trying!")
    else:
        print("There was an error submitting your flag")
        print(response.text)


flag = "gAAAAA..."  # Replace with the flag once you find it
submit_flag(flag)