Skip to content

Instantly share code, notes, and snippets.

View moyix's full-sized avatar

Brendan Dolan-Gavitt moyix

730 followers · 13 following
View GitHub Profile
@moyix
moyix / basicbof.c
Created November 8, 2023 02:52
Buffer overflow with two ROP chains
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
// Build:
// gcc -gdwarf-4 -fcf-protection=none -no-pie -fno-stack-protector basicbof.c -o basicbof
// To give us a pop rdi gadget
void dosomething() {
int x = 0xc35f;
@moyix
moyix / stream_generation.py
Created September 6, 2023 22:06
StoppingCriteria abused to print tokens to stdout as they're generated
import sys
import torch
from transformers import StoppingCriteria, StoppingCriteriaList
from transformers import AutoTokenizer, AutoModelForCausalLM
class StreamPrinter(StoppingCriteria):
def __init__(self):
StoppingCriteria.__init__(self)
self.pos = 0
def __call__(self, input_ids, scores):
@moyix
moyix / .env.local
Created August 19, 2023 22:40
Setup for locally hosted LLM chat using chat-ui and TGI with WizardLM-70B
MONGODB_URL=mongodb://localhost:27017
HF_ACCESS_TOKEN=<REDACTED>
# 'name', 'userMessageToken', 'assistantMessageToken' are required
MODELS=`[
{
"endpoints": [{"url": "http://localhost:8081"}],
"name": "WizardLM/WizardLM-70B-V1.0",
"description": "WizardLM: Empowering Large Pre-Trained Language Models to Follow Complex Instructions",
"websiteUrl": "https://huggingface.co/WizardLM/WizardLM-70B-V1.0",
@moyix
moyix / scenario_completion_gpt3.5.py
Created March 30, 2023 17:20
Example of GPT-3.5 writing vulnerable SQL
#!/usr/bin/env python3
from flask import Flask, request, redirect
import os
import subprocess
import sys
import yaml
import MySQLdb
app = Flask(__name__)
@moyix
moyix / ds_config_AdamW_16B_reduce_mem.json
Created October 7, 2022 23:30
Training command line and deepspeed config for CodeGen 16B, 3xA100 GPUs
{
"fp16": {
"enabled": true,
"loss_scale": 0,
"loss_scale_window": 1000,
"initial_scale_power": 16,
"hysteresis": 2,
"min_loss_scale": 1
},
"optimizer": {
@moyix
moyix / top_fp_all.txt
Last active September 27, 2022 03:53
Floating point (SSE/SSE2) instruction usage rates among projects in oss-fuzz
Total instructions: 48093488942
Total SSE instructions: 100105422
Total XMM instructions: 877832653
Totals by sanitizer:
ASAN: SSE: 39197160, XMM: 308790743
MSAN: SSE: 29922931, XMM: 342062480
UBSAN: SSE: 30985331, XMM: 226979430
All projects per sanitizer, sorted by percent of SSE instructions:
ASAN: SSE Instr / Total = Pct ↓ Wilson
simd : 1122000 / 63479115 = 1.77 % ( 1.76 %)
@moyix
moyix / 00_README.md
Created September 7, 2022 22:33

The ffast and the Furious

This is a small and admittedly contrived demo showing how some weird but safe code could become vulnerable if run in an environment where some shared library has changed the FPU's FTZ/DAZ bits to force denormals to zero.

To run it:

# Create an empty file
$ touch gofast.c
@moyix
moyix / setup.py
Created September 5, 2022 02:08
Setup.py for jump2db, which drops a bunch of stuff into $HOME
#===============================================================
#
#
#===============================================================
import shutil
from setuptools import find_packages, setup
from os.path import exists,join,relpath
import os
import stat
@moyix
moyix / ensure_fpu.py
Last active August 13, 2024 21:08
Some handy utils for messing with MXCSR (x86-64 SSE FPU control register)
#!/usr/bin/env python
import sys, os
import platform
import ctypes as ct
import mmap
from enum import Enum
import importlib
import functools
import errno
@moyix
moyix / wheel_metadata.py
Created September 4, 2022 08:41
import sys
import os
import re
import json
import zipfile
from collections import defaultdict, namedtuple
from collections.abc import Mapping
from email.parser import HeaderParser
from email.policy import compat32
from base64 import urlsafe_b64decode