Shell GPT (SGPT) is a command-line software that integrates with OpenAI’s GPT-4 fashions to allow pure language processing (NLP) out of your Linux shell. It’s designed to simplify repetitive duties, generate scripts, and help with coding, all from throughout the terminal surroundings. SGPT is a strong software that brings the capabilities of OpenAI’s GPT fashions immediately into the Linux command line.
SGPT itself is free to put in and use, however you’ll need an OpenAI API key, which can include prices relying in your utilization tier. SGPT requires an energetic web connection because it depends on OpenAI’s cloud-based API to perform.
Necessities
- Python Model: Python 3.6 or later
- OpenAI API Key: You will have an API key from OpenAI to entry GPT fashions.
Step 1: Set up Python
SGPT requires Python to run. Most Linux distributions include Python pre-installed, but when not, you possibly can set up it utilizing:
Step 2: Set up pip (Python Bundle Installer)
You’ll want a pip to put in SGPT. Set up it utilizing the next command:
sudo apt set up python3-pip
Step 3: Set up SGPT
Now that Python and pip are put in, you possibly can set up SGPT utilizing pip:
pip set up shell-gpt --break-system-packages
observe: you’ll need so as to add –break-system-packages on the finish of command. Else, you’re going to get some warning messages and set up will probably be stopped.
You need to use pip3 set up shell-gpt as nicely.
Step 4: Confirm Set up
As soon as the set up is full, confirm that SGPT has been instsualled appropriately by operating:
┌──(root㉿kali)-[~/.config/shell_gpt]
└─# sgpt --version
ShellGPT 1.4.4
This could ask you to enter openai api key, then return the put in model of SGPT, confirming that it’s prepared to be used.
Establishing OpenAI API Key
Step 1: Get the OpenAI API Key
- Go to the OpenAI API web site.
- Enroll or log in to your account.
- Navigate to the API part and generate a brand new API key.
After you arrange your account, click on in your account identify on the prime proper and go to your profile. You’ll then arrange billing and limits to fund your account.
It would be best to fund your account. As a newbie or hobbyist, $5 USD is greater than sufficient for most individuals to get began. I might additionally advocate disabling auto billing/funding and setting limits. Should you don’t need any surprises, arrange your account correctly.
Utilization:
Step 2: Set API Key in Setting Variables
zsh and bash are completely different shells that can be utilized on macOS and different Unix model OSes (Linux, BSD, macOS …). zsh is just like bash however has some extra options.
zsh is the default shell in newer macOS variations whereas bash is the default for older ones. You possibly can change what shell will get used once you open an new tab or window in Terminal by going to the Terminal preferences. Each zsh and bash have plenty of completely different shell information that get run at completely different instances. The one you wish to edit is both .zshrc or .bashrc (relying in your selection of shell) – these particular information comprise shell instructions which are run each time you open a brand new Terminal window or tab.
After getting your API key, set it as an surroundings variable to permit SGPT to make use of it:
- export OPENAI_API_KEY=”your-api-key-here”
Alternatively, you possibly can add this line to your ~/.zshrc to persist the important thing throughout periods:
- echo ‘export OPENAI_API_KEY=”your-api-key-here”‘ >> ~/.zshrc
- supply ~/.zshrc
=================================================================
~/.config/shell_gpt/.sgptrc
Combine ShellGPT in Parrot Safety Machine
From EC-Council CEH Lab:
-
Go to the OpenAI platform (https://platform.openai.com) and join or log in to your present account.
-
As soon as logged in, click on the profile icon on the top-right, click on Your profile choice and navigate to the Billing part.
-
Beneath Billing part, go to Cost strategies and click on Add fee technique so as to add a fee technique.
-
Go to Overview and click on Add to credit score stability.
-
Enter minimal quantity, i.e. $5 for Quantity so as to add, and click on proceed. Please refer https://openai.com/api/pricing/ for API pricing particulars.
-
Click on Affirm fee and full the transaction so as to add the credit score stability.
-
Now, click on Parrot Safety to modify to Parrot Safety machine and login with attacker/toor.
-
Open a Terminal window and kind chromium and press Enter to launch Chromium net browser.
-
The Chromium window seems, go to https://platform.openai.com/api-keys.
-
An OpenAI Platform webpage seems, click on on Login and login to the OpenAI account which you’ve gotten created on the beginning of this lab.
-
You’ll be redirected to Undertaking API Keys window, click on on + Create new secret key button to create a brand new key.
-
A Create new secret key window seems, present a reputation for the key key (right here, CEH) and go away all of the settings as default, as proven within the screenshot and click on on Create secret key button.
-
Save your key pop-up seems, click on Copy button to repeat the important thing.
-
Now, open a brand new terminal with superuser privileges, by executing sudo su command (When prompted, enter the password toor).
-
Run sgpt command to launch ShellGPT software.
-
You’ll be prompted to enter your OpenAI API key, paste the copied API key within the terminal window and press Enter.
The key key you’ve gotten entered is not going to be seen.
-
If the API key integration is profitable you need to obtain a message, as proven within the screenshot.
Configuring SGPT for Utilization
API secret’s saved at this location:
- ~/.config/shell_gpt/.sgptrc
===================================================
Following info is likely to be outdated.
Config File:SGPT creates a configuration file at ~/.config/shell_gpt/config.yaml the place you possibly can regulate default behaviour like:
- Default mannequin: Select between GPT fashions.
- Temperature: Management randomness in responses.
You possibly can edit the configuration by operating:
- nano ~/.config/shell_gpt/config.yaml
sgpt utilization Examples: Question
Full listing of arguments
--model TEXT OpenAI mannequin identify. [default: text-davinci-003]
--max-tokens INTEGER Strict size of output (phrases). [default: 2048]
--shell --no-shell Get shell command as output. [default: no-shell]
--execute --no-execute Used with --shell, will execute command. [default: no-execute]
--code --no-code Present solely code as output. [default: no-code]
--spinner --no-spinner Present loading spinner throughout API request. [default: spinner]
--animation --no-animation Typewriter animation. [default: animation]
--help Present this message and exit.
Question Examples:
- sgpt –shell “make all information in present listing learn solely”
- sgpt “Clarify how HTTP works.”
- sgpt “Write a bash script to again up /residence/consumer/paperwork to /backup.”
- sgpt “Clarify this Python code: def factorial(n): return 1 if n == 0 else n * factorial(n-1)”
- sgpt “Create a bash script to again up /var/log to /backup/log each night time.”
- sgpt “create a cron job script to run a database backup at midnight daily.”
sgpt utilization Examples:
Execute the shell code:
sgpt –shell –execute “make all information in present listing learn solely”
-> chmod 444 *
-> Execute shell command? [y/N]: y
…
- sgpt –chat fp –shell “use fping to seek out energetic hosts in native community 192.168.2.0/24”
- fping -a -g 192.168.2.0/24 2>/dev/null
sgpt –chat footprint –shell “Use filetype search operator to acquire pdf information on the goal web site eccouncil.org and retailer the outcome within the ec-recon.txt file.”curl -s “https://www.google.com/search?q=web site:eccouncil.org+filetype:pdf” -A “Mozilla/5.0″ | grep -oP ‘https?://[^”]+.pdf’ > ec-recon.txtsgpt –chat footprint –shell “Use inurl search operator to obtail the Fortinet VPN login pages”curl -s “https://www.google.com/search?q=inurl:%22/distant/loginpercent22+Fortinet+VPN” -A “Mozilla/5.0” | grep -oP ‘https?://S+’sgpt –chat area –shell “Uncover all of the subdomains of ‘google.com’ utilizing dig command.”- sgpt –chat footprint –shell “Use Sublist3r to assemble an inventory of subdomains of the goal group eccouncil“
- sgpt –chat fp –shell “Use theHarvester to assemble hosts related to ‘microsoft.com’, limiting outcomes to 200, and leveraging ‘duckduckgo’ as an information supply”
- baidu may be supply as nicely
- sgpt –shell “what’s my pc’s dns configuration”
- nmcli dev present | grep ‘IP4.DNS’
Outputs:
──(root㉿kali)-[~]
└─# sgpt –chat fp –shell “Use theHarvester to assemble subdomains related to ‘microsoft.com’, limiting outcomes to 200, and leveraging ‘duckduckgo’ as an information supply”
theHarvester -d microsoft.com -l 200 -b duckduckgo
[E]xecute, [D]escribe, [A]bort: E
Learn proxies.yaml from /root/.theHarvester/proxies.yaml
*******************************************************************
* _ _ _ *
* | |_| |__ ___ / /__ _ _ ____ _____ ___| |_ ___ _ __ *
* | __| _ / _ / /_/ / _` | ‘__ / / _ / __| __/ _ ‘__| *
* | |_| | | | __/ / __ / (_| | | V / __/__ || __/ | *
* __|_| |_|___| / /_/ __,_|_| _/ ___||___/_____|_| *
* *
* theHarvester 4.6.0 *
* Coded by Christian Martorella *
* Edge-Safety Analysis *
* [email protected] *
* *
*******************************************************************
[*] Goal: microsoft.com
[*] Looking Duckduckgo.
[*] No IPs discovered.
[*] No emails discovered.
[*] Hosts discovered: 27
———————
2Fblogs.microsoft.com
2Fdocs.microsoft.com
2Fdownload.microsoft.com
2Fmsdn.microsoft.com
2Fnews.microsoft.com
Docs.microsoft.com
account.microsoft.com
appsource.microsoft.com
azure.microsoft.com
azuremarketplace.microsoft.com
blogs.microsoft.com
browserdefaults.microsoft.com
careers.microsoft.com
selection.microsoft.com
copilot.microsoft.com
developer.microsoft.com
docs.microsoft.com
obtain.microsoft.com
go.microsoft.com
study.microsoft.com
msdn.microsoft.com
information.microsoft.com
privateness.microsoft.com
schemas.microsoft.com
assist.microsoft.com
techcommunity.microsoft.com
visualstudio.microsoft.com
Utilization Examples for Vulnerability Scanning
instance 1: Scan for open ports
sgpt –shell “Scan 192.168.2.22 for open ports”
instance 2: Scan for vulnerabilities
sgpt –shell “Scan 192.168.2.21 for vulnerabilities”
- nmap -sV –script=vuln 192.168.2.21
instance 3: Use Nikto to scan for net vulnerabilities
Improve SGPT
wget https://github.com/tbckr/sgpt/releases/obtain/v2.15.0/sgpt-2.15.0-1.armv7hl.rpm
sudo apt-get set up alien
sudo alien sgpt-2.15.0-1.armv7hl.rpm
sudo dpkg -i sgpt-2.15.0-1.armv7hl.rpmMovies
References
- https://github.com/TheR1D/shell_gpt
- https://notepad.51sec.org/51sec
