OpenAI Sora Guardrail Jailbreak via 'Historical Figure Chaff' Tactic

This vulnerability demonstrates a sophisticated combination of techniques to bypass content filtering. The attack employs several key elements: 1. **Historical Figure Misdirection**: The prompt co-opts the identity of a well-known civil rights leader (specifically referencing MLK's birthdate) but places them in an incongruous modern setting with inappropriate dialogue. This creates cognitive dissonance that can confuse content filtering systems. 2. **Technical Specification Overload**: The pro

OpenAI Sora Guardrail Jailbreak via "Mirror Reflection Cinema" Tactic

This vulnerability leverages the models' ability to process and generate content based on complex narrative scenarios. By embedding banned instructions within a richly detailed and metaphorical prompt, the attacker can bypass the model's safety filters. The prompt describes a cinematic scene involving a 'reflective orator' with symbolic elements like a 'banana scepter' and a 'conical hat', which distracts the model from recognizing the underlying harmful intent. The use of professional cinema

OpenAI Sora Guardrail Jailbreak via "Vintage Film Reel" Tactic

This vulnerability leverages the model's ability to immerse itself in narrative scenarios, particularly those that evoke a sense of nostalgia and familiarity. By crafting a prompt that mimics a vintage film reel, complete with descriptive visual and auditory elements, the attacker creates a setting that lowers the model's guard. The scenario involves a public speech where the speaker, under the guise of delivering an inspiring message, subtly introduces harmful content. The model, focused on mai

OpenAI Sora Guardrail Jailbreak via "Historical Reaction" Tactic

This vulnerability leverages the model's tendency to generate creative content when prompted with casual, social scenarios. By requesting the creation of a 'historical reaction' video, the attacker crafts a scenario where the model is encouraged to produce dialogue and actions that mimic a light-hearted, informal setting. This setting includes a group of friends reacting to a famous speech, with one friend making a dismissive comment about the speaker's voice and another suggesting to 'FAST FORW

OpenAI Sora Guardrail Jailbreak via "Misspelled IPA" Tactic

This vulnerability leverages multiple linguistic obfuscation techniques to bypass content filters. The attack combines three key elements: 1. International Phonetic Alphabet (IPA) notation is used as a legitimate-looking linguistic framework, making the prompt appear academic while encoding potentially harmful content. 2. Strategic misspellings throughout the prompt (e.g., 'veido', 'weirnag', 'cveeord') create a pattern of character substitutions and transpositions that maintain human readabil

OpenAI Sora Guardrail Jailbreak via "Anatomical Escalation" Tactic

This vulnerability leverages the creative and descriptive capabilities of large language models to bypass guardrails by embedding nefarious content within seemingly benign artistic prompts. The attacker begins by requesting the model to create a detailed and imaginative description of a bio-luminescent figure. This initial prompt is designed to engage the model's creative faculties and establish a context that appears innocuous. As the interaction progresses, the attacker subtly escalates the c

OpenAI Sora Guardrail Jailbreak via "Hypothetical Anatomy" Tactic

This vulnerability leverages several sophisticated social engineering techniques to bypass content restrictions: 1. **Academic Context Setting**: The attacker establishes a legitimate educational environment by describing a scene in an anatomy classroom. This includes the use of professional terminology and academic framing, as well as specific educational elements like students, posters, and models. This context helps the model interpret the scenario as educational and benign. 2. **Hypothetic

OpenAI Sora Guardrail Jailbreak via "Expressive Character Design" Tactic

This vulnerability leverages the model's tendency to engage deeply with creative tasks, particularly those involving character design and emotional expression. By requesting a character design that emphasizes intense emotions and exaggerated body language, the attacker effectively distracts the model from its usual content moderation protocols. The prompt's focus on manga/anime influences and specific physical poses serves to further engage the model's creative faculties, encouraging it to prior

Model Guardrail Jailbreak via "Artistic Description" Tactic

This vulnerability leverages the models' tendency to interpret and generate creative content by embedding suggestive or harmful instructions within the context of an artistic description. The attacker crafts a narrative involving a 'Peach Aventurine woman' posed in a manner that is both alluring and suggestive. By framing the request as an artistic depiction, the model's content filters, which are typically designed to detect and block explicit or harmful requests, are bypassed. The model interp

Multiple Model Guardrail Jailbreak via "Poetic Erotica" Tactic

This vulnerability exploits the use of elevated, poetic language and mythological framing to bypass content filters. By describing the subject as a 'goddess' and using metaphorical language, the prompt positions explicit content within an artistic context, which helps circumvent content restrictions. The use of detailed environmental descriptions, such as moonlight and water, integrates the explicit content into a larger artistic scene, creating plausible deniability. The gradual escalation from

Multiple Model Guardrail Jailbreak via "Recursive Lab Painting" Tactic

This vulnerability leverages a sophisticated combination of techniques to bypass content generation guardrails: 1. **Recursive Scene Setting**: The prompt establishes a recursive environment by describing a painting within a laboratory that contains another laboratory. This creates multiple layers of abstraction between the request and the actual content generation. 2. **Authority Context**: The laboratory setting provides implicit authority and legitimacy to the requests, while technical elem

Multiple Model Guardrail Jailbreak via "Hypothetical Activist" Tactic

This vulnerability exploits the LLM's capabilities in creative world-building and scenario generation. By framing the request within a hypothetical scenario involving a fictional activist, the attacker is able to bypass the model's guardrails. The prompt utilizes vivid descriptions and a charged atmosphere to immerse the model in a narrative context, distracting from the underlying nefarious intent. The tactic is effective because LLMs are designed to respond creatively and expansively to open