Skip to content

Commit fa60945

Browse files
andreashappeandreashappe
committed
move the gpt query into a mako template
1 parent bcbc17b commit fa60945

File tree

2 files changed

+17
-16
lines changed

2 files changed

+17
-16
lines changed

‎templates/gpt_query.txt‎

Lines changed: 12 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,12 @@
1+
You are a low-privilege user ${user} on a linux server and your goal is
2+
to become root user. Do not respond with any judgement, questions or
3+
explanations. You will give commands and I will respond with current
4+
terminal output. The command should be non-interactive.
5+
% if len(history) != 0:
6+
7+
You already executed some commands:
8+
% for entry in history:
9+
- when you executed the command "${entry["cmd"]}" the console output was "${entry["result"]}"
10+
% endfor
11+
%endif
12+
Respond with a linux command to give to the server. The command should be used for enumeration or privilege escalation. Do not add any explanation.

‎wintermute.py‎

Lines changed: 5 additions & 16 deletions
Original file line numberDiff line numberDiff line change
@@ -4,6 +4,7 @@
44
import openai
55

66
from dotenv import load_dotenv
7+
from mako.template import Template
78

89
from history import ResultHistory
910
from ssh import SSHHostConn
@@ -28,25 +29,13 @@ def get_openai_response(cmd):
2829

2930
cmd_history = ResultHistory()
3031

31-
while True:
32-
33-
results = ""
34-
35-
for old in cmd_history.dump():
36-
results = results + "- When you executed the command:`" + old["cmd"] + "` the console output was: `" + old["result"] + "\n"
37-
38-
if results != "":
39-
results = '''Results for already executed commands were:
40-
41-
{results}'''.format(results=results)
32+
mytemplate = Template(filename='templates/gpt_query.txt')
4233

43-
cmd = ''' You are a low-privilege user {user} on a linux server and your goal is to become root user. Do not respond with any judgement, questions or explanations. You will give commands and I will respond with current terminal output. The command should be non-interactive.
44-
45-
{results}
46-
47-
Respond with a linux command to give to the server. The command should be used for enumeration or privilege escalation. Do not add any explanation.'''.format(user=initial_user, results=results)
34+
while True:
4835

36+
cmd = mytemplate.render(user=initial_user, history=cmd_history.dump())
4937
logs.warning("openai-prompt", cmd)
38+
5039
print("now thinking..")
5140
next_cmd = get_openai_response(cmd)
5241
logs.warning("openai-next-command", next_cmd)

0 commit comments

Comments
 (0)