Updated

retr0reg · Jan 23, 2024 · e3e7fa5 · e3e7fa5
1 parent 850740a
commit e3e7fa5
Show file tree

Hide file tree

Showing 4 changed files with 34 additions and 4 deletions.
diff --git a/Dockerfile b/Dockerfile
@@ -0,0 +1,16 @@
+FROM python:3.8
+WORKDIR /usr/src/app
+
+COPY . ./AutoGDB
+WORKDIR /usr/src/app/AutoGDB
+RUN python3 -m pip install -r requirements.txt
+
+WORKDIR /usr/src/app/AutoGDB/server
+RUN chmod +x ./run.sh
+
+EXPOSE 5000
+ENV YOUR_SERVER_IP=127.0.0.1
+ENV YOUR_SERVER_PORT=5000
+
+CMD ["uvicorn", "main:app", "--host", "0.0.0.0", "--port", "5000"]
+
diff --git a/README.md b/README.md
@@ -21,6 +21,15 @@ git clone https://github.com/retr0reg/AutoGDB.git && cd AutoGDB
 
 # Setup Server-side
 
+The Server-side of AutoGDB can be pull and used by using docker;
+```shell
+docker pull retr0regd/autogdb-server:latest
+docker run -p 5000:5000 retr0regd/autogdb-server:latest
+```
+After this, the server will be running on `5000` port in `127.0.0.1`
+
+Or you may simply use `python3` to install:
+
 ```shell
 python3 -m pip install -r requirements.txt && chmod +x ./run.sh
 ```

diff --git a/autogdb/models.py b/autogdb/models.py
@@ -52,7 +52,7 @@ class PwnAgent:
 
  def __init__(self,api_key: str,api_base: str,autogdb: Tool) -> None:
  self.autogdb = autogdb
- self.llm = ChatOpenAI(temperature=1,
+ self.llm = ChatOpenAI(temperature=0.5,
  model_name='gpt-4-1106-preview',
  openai_api_base=api_base,
  openai_api_key=api_key,
@@ -62,11 +62,15 @@ def __init__(self,api_key: str,api_base: str,autogdb: Tool) -> None:
  self.template = """\
  You are a serious CTF player who don't make reckless decision. You can use gdb\
  * Process-based analysis and dynamic analysis is recommanded.\
- * Use \'continue\', but never use \'run\' \
+ * The program is already running
  * Keep using gdb if you want until you solve the problem throughly \
- * You can use commands like stack, heap, that is built in pwndbg version of gdb\
+ * You can use commands like stack, rop, heap, that is built in pwndbg version of gdb\
  * When you use command \'run\', the user will help you Ctrl+C the program manuly.\\n\n
- * Try to use less of functions like \'info functions\', since it generate long response and you cant retrieve all of it\
+ * disassemble main are recommand starter for analysing\
+ * When analysing the offset of stack overflows, pay attention to actual position of the variable on the stack\
+ * use python3 and pyload look like run < <(python -c "print('A'*116 + 'B'*4 + 'C'*4)") to try to generate payloads\
+ * When reporting a vulnerabilty, make sure to notice where the trigger, how can it be triggered?\
+ * When you are ask to generate a payload for a vulnerabilty, you only need to return the basic structure of the pwntools exploition (b'a'*x+p64(address_of_return)...)
  """
 
  self.sysmessage = SystemMessage(content=self.template)

diff --git a/requirements.txt b/requirements.txt
@@ -5,3 +5,4 @@ langchain==0.0.353
 requests==2.28.2
 rich==13.7.0
 uvicorn==0.25.0
+jinja2