Feat: Improve LMM SSH Honeypot (#112)

* add LMM Honeypot HTTP Server * improve unit test code coverage * integrate LLM plugin into http honeypot strategy * improve code coverage * fix typos * improve OpenAI plugin with gpt-4, adpt new API amd map new object * improve LLM SSH honeypot, fix updated README.md
mariocandela · Jun 23, 2024 · 59f40a1 · 59f40a1
1 parent 93d7804
commit 59f40a1
Show file tree

Hide file tree

Showing 3 changed files with 5 additions and 4 deletions.
diff --git a/README.md b/README.md
@@ -224,7 +224,7 @@ serverName: "ubuntu"
 passwordRegex: "^(root|qwerty|Smoker666|123456|jenkins|minecraft|sinus|alex|postgres|Ly123456)$"
 deadlineTimeoutSeconds: 60
 plugin:
-  openAPIChatGPTSecretKey: "Your OpenAI Secret Key"
+  openAISecretKey: "Your OpenAI Secret Key"
 ```
 
 ###### SSH Honeypot on Port 22

diff --git a/plugins/openai-gpt.go b/plugins/openai-gpt.go
@@ -10,7 +10,7 @@ import (
 )
 
 const (
-	systemPromptVirtualizeLinuxTerminal = "You will act as an Ubuntu Linux terminal. The user will type commands, and you are to reply with what the terminal should show. Your responses must be contained within a single code block. Do not provide explanations or type commands unless explicitly instructed by the user. Remember previous commands and consider their effects on subsequent outputs."
+	systemPromptVirtualizeLinuxTerminal = "You will act as an Ubuntu Linux terminal. The user will type commands, and you are to reply with what the terminal should show. Your responses must be contained within a single code block. Do not provide explanations or type commands unless explicitly instructed by the user. Your entire response/output is going to consist of a simple text with \n for new line, and you will NOT wrap it within string md markers"
 	systemPromptVirtualizeHTTPServer    = "You will act as an unsecure HTTP Server with multiple vulnerability like aws and git credentials stored into root http directory. The user will send HTTP requests, and you are to reply with what the server should show. Do not provide explanations or type commands unless explicitly instructed by the user."
 	ChatGPTPluginName                   = "LLMHoneypot"
 	openAIGPTEndpoint                   = "https://api.openai.com/v1/chat/completions"
@@ -128,7 +128,7 @@ func (openAIVirtualHoneypot *openAIVirtualHoneypot) GetCompletions(command strin
 	}
 
 	requestJson, err := json.Marshal(gptRequest{
-		Model:    "gpt-4", //"gpt-3.5-turbo",
+		Model:    "gpt-4o",
 		Messages: prompt,
 	})
 	if err != nil {

diff --git a/protocols/strategies/ssh.go b/protocols/strategies/ssh.go
@@ -71,7 +71,8 @@ func (sshStrategy *SSHStrategy) Init(beelzebubServiceConfiguration parser.Beelze
 								}
 							}
 
-							histories = append(histories, plugins.Message{Role: plugins.USER.String(), Content: commandOutput})
+							histories = append(histories, plugins.Message{Role: plugins.USER.String(), Content: commandInput})
+							histories = append(histories, plugins.Message{Role: plugins.ASSISTANT.String(), Content: commandOutput})
 
 							term.Write(append([]byte(commandOutput), '\n'))