A.I CTF Solver

Category:

Tags:

A while back I used to participate in CTFs a.k.a Capture The Flag competitions. Essentially, these are competition where you have an “flag”, a secret key, that you need to find from some kind of data. Maybe images, encrypted text files and most commonly by exposing some kind of vulnerability in a computer system or app.

What if an A.I could be trained to solve CTFs? That would be interesting. Specifically, there is a ctf called OvertheWire wargames. Here you have to find flags based on some instructions/clues given from a Linux Machine. This might be an optimal candidate for a couple of reasons.

  1. It’s text2text. So it’s very easy to buid a model around it
  2. It’s accessed through SSH.

These are the reasons I can think as of now. Solving this might lead to more avenues.

Method

First, we need a GPT2 (using it because it’s a nice blend between complexity and computation cost efficiency) finetuned on linux commands. We are giving it and idea of what type of commands to generate.

The first challenge is where to find a dataset of linux commands. We examples of real commands that are used. So all common ones like ls, cd , git , pwd, and ssh must arise in the dataset.

While searching, I came across this dataset – UNIX User Data. It contains linux command history of 8 different users along multiple sessions. This might work.

Next step is to finetune a GPT-2 with this data. I’ve preprocessed the data and started the training process. More details can be found in this repo below

Github: https://github.com/grad-ai/Elliot.git


Discover more from Niranjan Orkat

Subscribe to get the latest posts sent to your email.


Leave a Reply

Your email address will not be published. Required fields are marked *