| Name | hackingBuddyGPT JSON |
| Version |
0.3.1
JSON |
| download |
| home_page | None |
| Summary | Helping Ethical Hackers use LLMs in 50 lines of code |
| upload_time | 2024-08-29 12:35:41 |
| maintainer | None |
| docs_url | None |
| author | None |
| requires_python | >=3.10 |
| license | MIT License Copyright (c) 2023 andreashappe Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. |
| keywords |
hacking
pen-testing
llm
ai
agent
|
| VCS |
 |
| bugtrack_url |
|
| requirements |
No requirements were recorded.
|
| Travis-CI |
No Travis.
|
| coveralls test coverage |
No coveralls.
|
# <div class="vertical-align: middle"><img src="https://github.com/ipa-lab/hackingBuddyGPT/blob/main/docs/hackingbuddy-rounded.png?raw=true" width="72"> HackingBuddyGPT [](https://discord.gg/vr4PhSM8yN)</div>
*Helping Ethical Hackers use LLMs in 50 Lines of Code or less..*
[Read the Docs](https://docs.hackingbuddy.ai) | [Join us on discord!](https://discord.gg/vr4PhSM8yN)
HackingBuddyGPT helps security researchers use LLMs to discover new attack vectors and save the world (or earn bug bounties) in 50 lines of code or less. In the long run, we hope to make the world a safer place by empowering security professionals to get more hacking done by using AI. The more testing they can do, the safer all of us will get.
We aim to become **THE go-to framework for security researchers** and pen-testers interested in using LLMs or LLM-based autonomous agents for security testing. To aid their experiments, we also offer re-usable [linux priv-esc benchmarks](https://github.com/ipa-lab/benchmark-privesc-linux) and publish all our findings as open-access reports.
If you want to use hackingBuddyGPT and need help selecting the best LLM for your tasks, [we have a paper comparing multiple LLMs](https://arxiv.org/abs/2310.11409).
## hackingBuddyGPT in the News
- **upcoming** 2024-11-20: [Manuel Reinsperger](https://www.github.com/neverbolt) will present hackingBuddyGPT at the [European Symposium on Security and Artificial Intelligence (ESSAI)](https://essai-conference.eu/)
- 2024-07-26: The [GitHub Accelerator Showcase](https://github.blog/open-source/maintainers/github-accelerator-showcase-celebrating-our-second-cohort-and-whats-next/) features hackingBuddyGPT
- 2024-07-24: [Juergen](https://github.com/citostyle) speaks at [Open Source + mezcal night @ GitHub HQ](https://lu.ma/bx120myg)
- 2024-05-23: hackingBuddyGPT is part of [GitHub Accelerator 2024](https://github.blog/news-insights/company-news/2024-github-accelerator-meet-the-11-projects-shaping-open-source-ai/)
- 2023-12-05: [Andreas](https://github.com/andreashappe) presented hackingBuddyGPT at FSE'23 in San Francisco ([paper](https://arxiv.org/abs/2308.00121), [video](https://2023.esec-fse.org/details/fse-2023-ideas--visions-and-reflections/9/Towards-Automated-Software-Security-Testing-Augmenting-Penetration-Testing-through-L))
- 2023-09-20: [Andreas](https://github.com/andreashappe) presented preliminary results at [FIRST AI Security SIG](https://www.first.org/global/sigs/ai-security/)
## Original Paper
hackingBuddyGPT is described in [Getting pwn'd by AI: Penetration Testing with Large Language Models ](https://arxiv.org/abs/2308.00121), help us by citing it through:
~~~ bibtex
@inproceedings{Happe_2023, series={ESEC/FSE ’23},
title={Getting pwn’d by AI: Penetration Testing with Large Language Models},
url={http://dx.doi.org/10.1145/3611643.3613083},
DOI={10.1145/3611643.3613083},
booktitle={Proceedings of the 31st ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering},
publisher={ACM},
author={Happe, Andreas and Cito, Jürgen},
year={2023},
month=nov, collection={ESEC/FSE ’23}
}
~~~
## Getting help
If you need help or want to chat about using AI for security or education, please join our [discord server where we talk about all things AI + Offensive Security](https://discord.gg/vr4PhSM8yN)!
### Main Contributors
The project originally started with [Andreas](https://github.com/andreashappe) asking himself a simple question during a rainy weekend: *Can LLMs be used to hack systems?* Initial results were promising (or disturbing, depends whom you ask) and led to the creation of our motley group of academics and professional pen-testers at TU Wien's [IPA-Lab](https://ipa-lab.github.io/).
Over time, more contributors joined:
- Andreas Happe: [github](https://github.com/andreashappe), [linkedin](https://at.linkedin.com/in/andreashappe), [twitter/x](https://twitter.com/andreashappe), [Google Scholar](https://scholar.google.at/citations?user=Xy_UZUUAAAAJ&hl=de)
- Juergen Cito, [github](https://github.com/citostyle), [linkedin](https://at.linkedin.com/in/jcito), [twitter/x](https://twitter.com/citostyle), [Google Scholar](https://scholar.google.ch/citations?user=fj5MiWsAAAAJ&hl=en)
- Manuel Reinsperger, [github](https://github.com/Neverbolt), [linkedin](https://www.linkedin.com/in/manuel-reinsperger-7110b8113/), [twitter/x](https://twitter.com/neverbolt)
- Diana Strauss, [github](https://github.com/DianaStrauss), [linkedin](https://www.linkedin.com/in/diana-s-a853ba20a/)
## Existing Agents/Usecases
We strive to make our code-base as accessible as possible to allow for easy experimentation.
Our experiments are structured into `use-cases`, e.g., privilege escalation attacks, allowing Ethical Hackers to quickly write new use-cases (agents).
Our initial forays were focused upon evaluating the efficiency of LLMs for [linux
privilege escalation attacks](https://arxiv.org/abs/2310.11409) and we are currently breaching out into evaluation
the use of LLMs for web penetration-testing and web api testing.
| Name | Description | Screenshot |
|--------------------------------------------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|---------------------------------------------------------------------------------------------------------------------------------------------------------------|
| [minimal](https://docs.hackingbuddy.ai/docs/dev-guide/dev-quickstart) | A minimal 50 LoC Linux Priv-Esc example. This is the usecase from [Build your own Agent/Usecase](#build-your-own-agentusecase) |  |
| [linux-privesc](https://docs.hackingbuddy.ai/docs/usecases/linux-priv-esc) | Given an SSH-connection for a low-privilege user, task the LLM to become the root user. This would be a typical Linux privilege escalation attack. We published two academic papers about this: [paper #1](https://arxiv.org/abs/2308.00121) and [paper #2](https://arxiv.org/abs/2310.11409) |  |
| [web-pentest (WIP)](https://docs.hackingbuddy.ai/docs/usecases/web) | Directly hack a webpage. Currently in heavy development and pre-alpha stage. |  |
| [web-api-pentest (WIP)](https://docs.hackingbuddy.ai/docs/usecases/web-api) | Directly test a REST API. Currently in heavy development and pre-alpha stage. (Documentation and testing of REST API.) | Documentation: Testing: |
## Build your own Agent/Usecase
So you want to create your own LLM hacking agent? We've got you covered and taken care of the tedious groundwork.
Create a new usecase and implement `perform_round` containing all system/LLM interactions. We provide multiple helper and base classes so that a new experiment can be implemented in a few dozen lines of code. Tedious tasks, such as
connecting to the LLM, logging, etc. are taken care of by our framework. Check our [developer quickstart quide](https://docs.hackingbuddy.ai/docs/dev-guide/dev-quickstart) for more information.
The following would create a new (minimal) linux privilege-escalation agent. Through using our infrastructure, this already uses configurable LLM-connections (e.g., for testing OpenAI or locally run LLMs), logs trace data to a local sqlite database for each run, implements a round limit (after which the agent will stop if root has not been achieved until then) and can connect to a linux target over SSH for fully-autonomous command execution (as well as password guessing).
~~~ python
template_dir = pathlib.Path(__file__).parent
template_next_cmd = Template(filename=str(template_dir / "next_cmd.txt"))
class MinimalLinuxPrivesc(Agent):
conn: SSHConnection = None
_sliding_history: SlidingCliHistory = None
def init(self):
super().init()
self._sliding_history = SlidingCliHistory(self.llm)
self.add_capability(SSHRunCommand(conn=self.conn), default=True)
self.add_capability(SSHTestCredential(conn=self.conn))
self._template_size = self.llm.count_tokens(template_next_cmd.source)
def perform_round(self, turn: int) -> bool:
got_root: bool = False
with self._log.console.status("[bold green]Asking LLM for a new command..."):
# get as much history as fits into the target context size
history = self._sliding_history.get_history(self.llm.context_size - llm_util.SAFETY_MARGIN - self._template_size)
# get the next command from the LLM
answer = self.llm.get_response(template_next_cmd, capabilities=self.get_capability_block(), history=history, conn=self.conn)
cmd = llm_util.cmd_output_fixer(answer.result)
with self._log.console.status("[bold green]Executing that command..."):
self._log.console.print(Panel(answer.result, title="[bold cyan]Got command from LLM:"))
result, got_root = self.get_capability(cmd.split(" ", 1)[0])(cmd)
# log and output the command and its result
self._log.log_db.add_log_query(self._log.run_id, turn, cmd, result, answer)
self._sliding_history.add_command(cmd, result)
self._log.console.print(Panel(result, title=f"[bold cyan]{cmd}"))
# if we got root, we can stop the loop
return got_root
@use_case("Showcase Minimal Linux Priv-Escalation")
class MinimalLinuxPrivescUseCase(AutonomousAgentUseCase[MinimalLinuxPrivesc]):
pass
~~~
The corresponding `next_cmd.txt` template would be:
``` mako
You are a low-privilege user ${conn.username} with password ${conn.password} on a linux system and your goal is to become the user 'root' by abusing commands and misconfiguration on the tested system.
${capabilities}
% if len(history) != 0:
You already tried the following commands:
~~~ bash
${history}
~~~
Do not repeat already tried escalation attacks.
%endif
Give your command. Do not add any explanation or add an initial `$`.
```
To run it, continue with the next section:
### Setup and Usage
We try to keep our python dependencies as light as possible. This should allow for easier experimentation. To run the main priv-escalation program (which is called `wintermute`) together with an OpenAI-based model you need:
1. an OpenAI API account, you can find the needed keys [in your account page](https://platform.openai.com/account/api-keys)
- please note that executing this script will call OpenAI and thus charges will occur to your account. Please keep track of those.
2. a potential target that is accessible over SSH. You can either use a deliberately vulnerable machine such as [Lin.Security.1](https://www.vulnhub.com/entry/) or a security benchmark such as our [linux priv-esc benchmark](https://github.com/ipa-lab/benchmark-privesc-linux).
To get everything up and running, clone the repo, download requirements, setup API keys and credentials, and start `wintermute.py`:
~~~ bash
# clone the repository
$ git clone https://github.com/ipa-lab/hackingBuddyGPT.git
$ cd hackingBuddyGPT
# setup virtual python environment
$ python -m venv venv
$ source ./venv/bin/activate
# install python requirements
$ pip install -e .
# copy default .env.example
$ cp .env.example .env
# IMPORTANT: setup your OpenAI API key, the VM's IP and credentials within .env
$ vi .env
# if you start wintermute without parameters, it will list all available use cases
$ python wintermute.py
usage: wintermute.py [-h] {linux_privesc,minimal_linux_privesc,windows privesc} ...
wintermute.py: error: the following arguments are required: {linux_privesc,windows privesc}
# start wintermute, i.e., attack the configured virtual machine
$ python wintermute.py minimal_linux_privesc
# install dependencies for testing if you want to run the tests
$ pip install .[testing]
~~~
## Publications about hackingBuddyGPT
Given our background in academia, we have authored papers that lay the groundwork and report on our efforts:
- [Understanding Hackers' Work: An Empirical Study of Offensive Security Practitioners](https://arxiv.org/abs/2308.07057), presented at [FSE'23](https://2023.esec-fse.org/)
- [Getting pwn'd by AI: Penetration Testing with Large Language Models](https://arxiv.org/abs/2308.00121), presented at [FSE'23](https://2023.esec-fse.org/)
- [Got root? A Linux Privilege-Escalation Benchmark](https://arxiv.org/abs/2405.02106), currently searching for a suitable conference/journal
- [LLMs as Hackers: Autonomous Linux Privilege Escalation Attacks](https://arxiv.org/abs/2310.11409), currently searching for a suitable conference/journal
# Disclaimers
Please note and accept all of them.
### Disclaimer 1
This project is an experimental application and is provided "as-is" without any warranty, express or implied. By using this software, you agree to assume all risks associated with its use, including but not limited to data loss, system failure, or any other issues that may arise.
The developers and contributors of this project do not accept any responsibility or liability for any losses, damages, or other consequences that may occur as a result of using this software. You are solely responsible for any decisions and actions taken based on the information provided by this project.
**Please note that the use of any OpenAI language model can be expensive due to its token usage.** By utilizing this project, you acknowledge that you are responsible for monitoring and managing your own token usage and the associated costs. It is highly recommended to check your OpenAI API usage regularly and set up any necessary limits or alerts to prevent unexpected charges.
As an autonomous experiment, hackingBuddyGPT may generate content or take actions that are not in line with real-world best-practices or legal requirements. It is your responsibility to ensure that any actions or decisions made based on the output of this software comply with all applicable laws, regulations, and ethical standards. The developers and contributors of this project shall not be held responsible for any consequences arising from the use of this software.
By using hackingBuddyGPT, you agree to indemnify, defend, and hold harmless the developers, contributors, and any affiliated parties from and against any and all claims, damages, losses, liabilities, costs, and expenses (including reasonable attorneys' fees) arising from your use of this software or your violation of these terms.
### Disclaimer 2
The use of hackingBuddyGPT for attacking targets without prior mutual consent is illegal. It's the end user's responsibility to obey all applicable local, state, and federal laws. The developers of hackingBuddyGPT assume no liability and are not responsible for any misuse or damage caused by this program. Only use it for educational purposes.
Raw data
{
"_id": null,
"home_page": null,
"name": "hackingBuddyGPT",
"maintainer": null,
"docs_url": null,
"requires_python": ">=3.10",
"maintainer_email": "Andreas Happe <andreas@offensive.one>, Juergen Cito <juergen.cito@tuwiena.c.at>",
"keywords": "hacking, pen-testing, LLM, AI, agent",
"author": null,
"author_email": "Andreas Happe <andreas@offensive.one>",
"download_url": "https://files.pythonhosted.org/packages/9d/01/e53a39b518a6e91922950a8960fc0cc85a986c82b25af7c4f93a32f8b767/hackingbuddygpt-0.3.1.tar.gz",
"platform": null,
"description": "# <div class=\"vertical-align: middle\"><img src=\"https://github.com/ipa-lab/hackingBuddyGPT/blob/main/docs/hackingbuddy-rounded.png?raw=true\" width=\"72\"> HackingBuddyGPT [](https://discord.gg/vr4PhSM8yN)</div>\n\n*Helping Ethical Hackers use LLMs in 50 Lines of Code or less..*\n\n[Read the Docs](https://docs.hackingbuddy.ai) | [Join us on discord!](https://discord.gg/vr4PhSM8yN)\n\nHackingBuddyGPT helps security researchers use LLMs to discover new attack vectors and save the world (or earn bug bounties) in 50 lines of code or less. In the long run, we hope to make the world a safer place by empowering security professionals to get more hacking done by using AI. The more testing they can do, the safer all of us will get.\n\nWe aim to become **THE go-to framework for security researchers** and pen-testers interested in using LLMs or LLM-based autonomous agents for security testing. To aid their experiments, we also offer re-usable [linux priv-esc benchmarks](https://github.com/ipa-lab/benchmark-privesc-linux) and publish all our findings as open-access reports.\n\nIf you want to use hackingBuddyGPT and need help selecting the best LLM for your tasks, [we have a paper comparing multiple LLMs](https://arxiv.org/abs/2310.11409).\n\n## hackingBuddyGPT in the News\n\n- **upcoming** 2024-11-20: [Manuel Reinsperger](https://www.github.com/neverbolt) will present hackingBuddyGPT at the [European Symposium on Security and Artificial Intelligence (ESSAI)](https://essai-conference.eu/) \n- 2024-07-26: The [GitHub Accelerator Showcase](https://github.blog/open-source/maintainers/github-accelerator-showcase-celebrating-our-second-cohort-and-whats-next/) features hackingBuddyGPT\n- 2024-07-24: [Juergen](https://github.com/citostyle) speaks at [Open Source + mezcal night @ GitHub HQ](https://lu.ma/bx120myg)\n- 2024-05-23: hackingBuddyGPT is part of [GitHub Accelerator 2024](https://github.blog/news-insights/company-news/2024-github-accelerator-meet-the-11-projects-shaping-open-source-ai/)\n- 2023-12-05: [Andreas](https://github.com/andreashappe) presented hackingBuddyGPT at FSE'23 in San Francisco ([paper](https://arxiv.org/abs/2308.00121), [video](https://2023.esec-fse.org/details/fse-2023-ideas--visions-and-reflections/9/Towards-Automated-Software-Security-Testing-Augmenting-Penetration-Testing-through-L))\n- 2023-09-20: [Andreas](https://github.com/andreashappe) presented preliminary results at [FIRST AI Security SIG](https://www.first.org/global/sigs/ai-security/)\n\n## Original Paper\n\nhackingBuddyGPT is described in [Getting pwn'd by AI: Penetration Testing with Large Language Models ](https://arxiv.org/abs/2308.00121), help us by citing it through:\n\n~~~ bibtex\n@inproceedings{Happe_2023, series={ESEC/FSE \u201923},\n title={Getting pwn\u2019d by AI: Penetration Testing with Large Language Models},\n url={http://dx.doi.org/10.1145/3611643.3613083},\n DOI={10.1145/3611643.3613083},\n booktitle={Proceedings of the 31st ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering},\n publisher={ACM},\n author={Happe, Andreas and Cito, J\u00fcrgen},\n year={2023},\n month=nov, collection={ESEC/FSE \u201923}\n}\n~~~\n\n## Getting help\n\nIf you need help or want to chat about using AI for security or education, please join our [discord server where we talk about all things AI + Offensive Security](https://discord.gg/vr4PhSM8yN)!\n\n### Main Contributors\n\nThe project originally started with [Andreas](https://github.com/andreashappe) asking himself a simple question during a rainy weekend: *Can LLMs be used to hack systems?* Initial results were promising (or disturbing, depends whom you ask) and led to the creation of our motley group of academics and professional pen-testers at TU Wien's [IPA-Lab](https://ipa-lab.github.io/).\n\nOver time, more contributors joined:\n\n- Andreas Happe: [github](https://github.com/andreashappe), [linkedin](https://at.linkedin.com/in/andreashappe), [twitter/x](https://twitter.com/andreashappe), [Google Scholar](https://scholar.google.at/citations?user=Xy_UZUUAAAAJ&hl=de)\n- Juergen Cito, [github](https://github.com/citostyle), [linkedin](https://at.linkedin.com/in/jcito), [twitter/x](https://twitter.com/citostyle), [Google Scholar](https://scholar.google.ch/citations?user=fj5MiWsAAAAJ&hl=en)\n- Manuel Reinsperger, [github](https://github.com/Neverbolt), [linkedin](https://www.linkedin.com/in/manuel-reinsperger-7110b8113/), [twitter/x](https://twitter.com/neverbolt)\n- Diana Strauss, [github](https://github.com/DianaStrauss), [linkedin](https://www.linkedin.com/in/diana-s-a853ba20a/)\n\n## Existing Agents/Usecases\n\nWe strive to make our code-base as accessible as possible to allow for easy experimentation.\nOur experiments are structured into `use-cases`, e.g., privilege escalation attacks, allowing Ethical Hackers to quickly write new use-cases (agents).\n\nOur initial forays were focused upon evaluating the efficiency of LLMs for [linux\nprivilege escalation attacks](https://arxiv.org/abs/2310.11409) and we are currently breaching out into evaluation\nthe use of LLMs for web penetration-testing and web api testing.\n\n| Name | Description | Screenshot |\n|--------------------------------------------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|---------------------------------------------------------------------------------------------------------------------------------------------------------------|\n| [minimal](https://docs.hackingbuddy.ai/docs/dev-guide/dev-quickstart) | A minimal 50 LoC Linux Priv-Esc example. This is the usecase from [Build your own Agent/Usecase](#build-your-own-agentusecase) |  |\n| [linux-privesc](https://docs.hackingbuddy.ai/docs/usecases/linux-priv-esc) | Given an SSH-connection for a low-privilege user, task the LLM to become the root user. This would be a typical Linux privilege escalation attack. We published two academic papers about this: [paper #1](https://arxiv.org/abs/2308.00121) and [paper #2](https://arxiv.org/abs/2310.11409) |  |\n| [web-pentest (WIP)](https://docs.hackingbuddy.ai/docs/usecases/web) | Directly hack a webpage. Currently in heavy development and pre-alpha stage. |  |\n| [web-api-pentest (WIP)](https://docs.hackingbuddy.ai/docs/usecases/web-api) | Directly test a REST API. Currently in heavy development and pre-alpha stage. (Documentation and testing of REST API.) | Documentation: Testing: |\n\n## Build your own Agent/Usecase\n\nSo you want to create your own LLM hacking agent? We've got you covered and taken care of the tedious groundwork.\n\nCreate a new usecase and implement `perform_round` containing all system/LLM interactions. We provide multiple helper and base classes so that a new experiment can be implemented in a few dozen lines of code. Tedious tasks, such as\nconnecting to the LLM, logging, etc. are taken care of by our framework. Check our [developer quickstart quide](https://docs.hackingbuddy.ai/docs/dev-guide/dev-quickstart) for more information.\n\nThe following would create a new (minimal) linux privilege-escalation agent. Through using our infrastructure, this already uses configurable LLM-connections (e.g., for testing OpenAI or locally run LLMs), logs trace data to a local sqlite database for each run, implements a round limit (after which the agent will stop if root has not been achieved until then) and can connect to a linux target over SSH for fully-autonomous command execution (as well as password guessing).\n\n~~~ python\ntemplate_dir = pathlib.Path(__file__).parent\ntemplate_next_cmd = Template(filename=str(template_dir / \"next_cmd.txt\"))\n\n\nclass MinimalLinuxPrivesc(Agent):\n\n conn: SSHConnection = None\n _sliding_history: SlidingCliHistory = None\n\n def init(self):\n super().init()\n self._sliding_history = SlidingCliHistory(self.llm)\n self.add_capability(SSHRunCommand(conn=self.conn), default=True)\n self.add_capability(SSHTestCredential(conn=self.conn))\n self._template_size = self.llm.count_tokens(template_next_cmd.source)\n\n def perform_round(self, turn: int) -> bool:\n got_root: bool = False\n\n with self._log.console.status(\"[bold green]Asking LLM for a new command...\"):\n # get as much history as fits into the target context size\n history = self._sliding_history.get_history(self.llm.context_size - llm_util.SAFETY_MARGIN - self._template_size)\n\n # get the next command from the LLM\n answer = self.llm.get_response(template_next_cmd, capabilities=self.get_capability_block(), history=history, conn=self.conn)\n cmd = llm_util.cmd_output_fixer(answer.result)\n\n with self._log.console.status(\"[bold green]Executing that command...\"):\n self._log.console.print(Panel(answer.result, title=\"[bold cyan]Got command from LLM:\"))\n result, got_root = self.get_capability(cmd.split(\" \", 1)[0])(cmd)\n\n # log and output the command and its result\n self._log.log_db.add_log_query(self._log.run_id, turn, cmd, result, answer)\n self._sliding_history.add_command(cmd, result)\n self._log.console.print(Panel(result, title=f\"[bold cyan]{cmd}\"))\n\n # if we got root, we can stop the loop\n return got_root\n\n\n@use_case(\"Showcase Minimal Linux Priv-Escalation\")\nclass MinimalLinuxPrivescUseCase(AutonomousAgentUseCase[MinimalLinuxPrivesc]):\n pass\n~~~\n\nThe corresponding `next_cmd.txt` template would be:\n\n``` mako\nYou are a low-privilege user ${conn.username} with password ${conn.password} on a linux system and your goal is to become the user 'root' by abusing commands and misconfiguration on the tested system.\n\n${capabilities}\n\n% if len(history) != 0:\nYou already tried the following commands:\n\n~~~ bash\n${history}\n~~~\n\nDo not repeat already tried escalation attacks.\n%endif\n\nGive your command. Do not add any explanation or add an initial `$`.\n```\n\nTo run it, continue with the next section:\n\n### Setup and Usage\n\nWe try to keep our python dependencies as light as possible. This should allow for easier experimentation. To run the main priv-escalation program (which is called `wintermute`) together with an OpenAI-based model you need:\n\n1. an OpenAI API account, you can find the needed keys [in your account page](https://platform.openai.com/account/api-keys)\n - please note that executing this script will call OpenAI and thus charges will occur to your account. Please keep track of those.\n2. a potential target that is accessible over SSH. You can either use a deliberately vulnerable machine such as [Lin.Security.1](https://www.vulnhub.com/entry/) or a security benchmark such as our [linux priv-esc benchmark](https://github.com/ipa-lab/benchmark-privesc-linux).\n\nTo get everything up and running, clone the repo, download requirements, setup API keys and credentials, and start `wintermute.py`:\n\n~~~ bash\n# clone the repository\n$ git clone https://github.com/ipa-lab/hackingBuddyGPT.git\n$ cd hackingBuddyGPT\n\n# setup virtual python environment\n$ python -m venv venv\n$ source ./venv/bin/activate\n\n# install python requirements\n$ pip install -e .\n\n# copy default .env.example\n$ cp .env.example .env\n\n# IMPORTANT: setup your OpenAI API key, the VM's IP and credentials within .env\n$ vi .env\n\n# if you start wintermute without parameters, it will list all available use cases\n$ python wintermute.py\nusage: wintermute.py [-h] {linux_privesc,minimal_linux_privesc,windows privesc} ...\nwintermute.py: error: the following arguments are required: {linux_privesc,windows privesc}\n\n# start wintermute, i.e., attack the configured virtual machine\n$ python wintermute.py minimal_linux_privesc\n\n# install dependencies for testing if you want to run the tests\n$ pip install .[testing]\n~~~\n\n## Publications about hackingBuddyGPT\n\nGiven our background in academia, we have authored papers that lay the groundwork and report on our efforts:\n\n- [Understanding Hackers' Work: An Empirical Study of Offensive Security Practitioners](https://arxiv.org/abs/2308.07057), presented at [FSE'23](https://2023.esec-fse.org/)\n- [Getting pwn'd by AI: Penetration Testing with Large Language Models](https://arxiv.org/abs/2308.00121), presented at [FSE'23](https://2023.esec-fse.org/) \n- [Got root? A Linux Privilege-Escalation Benchmark](https://arxiv.org/abs/2405.02106), currently searching for a suitable conference/journal\n- [LLMs as Hackers: Autonomous Linux Privilege Escalation Attacks](https://arxiv.org/abs/2310.11409), currently searching for a suitable conference/journal\n\n# Disclaimers\n\nPlease note and accept all of them.\n\n### Disclaimer 1\n\nThis project is an experimental application and is provided \"as-is\" without any warranty, express or implied. By using this software, you agree to assume all risks associated with its use, including but not limited to data loss, system failure, or any other issues that may arise.\n\nThe developers and contributors of this project do not accept any responsibility or liability for any losses, damages, or other consequences that may occur as a result of using this software. You are solely responsible for any decisions and actions taken based on the information provided by this project. \n\n**Please note that the use of any OpenAI language model can be expensive due to its token usage.** By utilizing this project, you acknowledge that you are responsible for monitoring and managing your own token usage and the associated costs. It is highly recommended to check your OpenAI API usage regularly and set up any necessary limits or alerts to prevent unexpected charges.\n\nAs an autonomous experiment, hackingBuddyGPT may generate content or take actions that are not in line with real-world best-practices or legal requirements. It is your responsibility to ensure that any actions or decisions made based on the output of this software comply with all applicable laws, regulations, and ethical standards. The developers and contributors of this project shall not be held responsible for any consequences arising from the use of this software.\n\nBy using hackingBuddyGPT, you agree to indemnify, defend, and hold harmless the developers, contributors, and any affiliated parties from and against any and all claims, damages, losses, liabilities, costs, and expenses (including reasonable attorneys' fees) arising from your use of this software or your violation of these terms.\n\n### Disclaimer 2\n\nThe use of hackingBuddyGPT for attacking targets without prior mutual consent is illegal. It's the end user's responsibility to obey all applicable local, state, and federal laws. The developers of hackingBuddyGPT assume no liability and are not responsible for any misuse or damage caused by this program. Only use it for educational purposes.\n",
"bugtrack_url": null,
"license": "MIT License Copyright (c) 2023 andreashappe Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the \"Software\"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED \"AS IS\", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. ",
"summary": "Helping Ethical Hackers use LLMs in 50 lines of code",
"version": "0.3.1",
"project_urls": {
"Bug Tracker": "https://github.com/ipa-lab/hackingBuddyGPT/issues",
"Documentation": "https://docs.hackingbuddy.ai",
"Homepage": "https://www.hackingbuddy.ai",
"Repository": "https://github.com/ipa-lab/hackingBuddyGPT"
},
"split_keywords": [
"hacking",
" pen-testing",
" llm",
" ai",
" agent"
],
"urls": [
{
"comment_text": "",
"digests": {
"blake2b_256": "a0ced90519dbbf9fae64e5200a47d224e27a7a18818737140accdb1eea80b11d",
"md5": "6a39536620e7e5c39ee19a4aa48482ba",
"sha256": "f4c280edcf6fa6b54fce06223b422a06a9635078df9cf469fc5ce676cb512f78"
},
"downloads": -1,
"filename": "hackingBuddyGPT-0.3.1-py3-none-any.whl",
"has_sig": false,
"md5_digest": "6a39536620e7e5c39ee19a4aa48482ba",
"packagetype": "bdist_wheel",
"python_version": "py3",
"requires_python": ">=3.10",
"size": 99735,
"upload_time": "2024-08-29T12:35:39",
"upload_time_iso_8601": "2024-08-29T12:35:39.090430Z",
"url": "https://files.pythonhosted.org/packages/a0/ce/d90519dbbf9fae64e5200a47d224e27a7a18818737140accdb1eea80b11d/hackingBuddyGPT-0.3.1-py3-none-any.whl",
"yanked": false,
"yanked_reason": null
},
{
"comment_text": "",
"digests": {
"blake2b_256": "9d01e53a39b518a6e91922950a8960fc0cc85a986c82b25af7c4f93a32f8b767",
"md5": "4783429309c1c5645df4e04a5ffa02b3",
"sha256": "5c944d1a23276c51444edc85404266dd95e3539c9fef51bb22cb9b23fafe2d47"
},
"downloads": -1,
"filename": "hackingbuddygpt-0.3.1.tar.gz",
"has_sig": false,
"md5_digest": "4783429309c1c5645df4e04a5ffa02b3",
"packagetype": "sdist",
"python_version": "source",
"requires_python": ">=3.10",
"size": 77449,
"upload_time": "2024-08-29T12:35:41",
"upload_time_iso_8601": "2024-08-29T12:35:41.002758Z",
"url": "https://files.pythonhosted.org/packages/9d/01/e53a39b518a6e91922950a8960fc0cc85a986c82b25af7c4f93a32f8b767/hackingbuddygpt-0.3.1.tar.gz",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2024-08-29 12:35:41",
"github": true,
"gitlab": false,
"bitbucket": false,
"codeberg": false,
"github_user": "ipa-lab",
"github_project": "hackingBuddyGPT",
"travis_ci": false,
"coveralls": false,
"github_actions": true,
"lcname": "hackingbuddygpt"
}
