AI Summary: RamiGPT is an AI-driven offensive security tool that facilitates privilege escalation to root accounts using OpenAI’s technology and PwnTools. Its primary use case involves quickly exploiting vulnerabilities across various systems, achieving root access in under a minute, as demonstrated by its performance on multiple VulnHub scenarios. The tool features a user-friendly GUI and seamless integration with Docker for easy deployment and configuration, leveraging tools like BeRoot and LinPEAS for effective enumeration.

README

RamiGPT

RamiGPT is an AI-powered offensive security agent designed to pwn root accounts. Leveraging PwnTools and OpwnAI capabilities, RamiGPT navigated the privilege escalation scenarios of several systems from VulnHub, getting root access in less than a minute.

Timing Table

GUI:

Configuration: Setting Up Your OpenAI API Key

To use RamiGPT’s capabilities, you’ll need an OpenAI API key. Follow these steps to obtain and configure your key:

Obtaining an OpenAI API Key

1. Create an Account: Visit OpenAI and sign up for an account if you don’t already have one.
2. Apply for API Access: Navigate to the API section and apply for access. You might need to provide details about your intended use case.
3. Get Your API Key: Once approved, you will receive an API key.

Configuring the API Key in Your Environment

1. Copy the .env.example File: In the root directory of the RamiGPT project, copy the file .env.example and name it .env.

   cp .env.example .env
   

2. Add Your API Key: Open the .env file and add the following line:

   OPENAI_API_KEY=your_api_key_here
   

   Replace your_api_key_here with the API key you obtained from OpenAI.

Run with Docker

Prerequisites

Before running the project, ensure you have installed:

• Docker
• Docker Compose
• OpenAI key

Setup

Clone the repository and launch the Docker containers:

git clone https://github.com/M507/RamiGPT.git
cd RamiGPT
docker compose up -d

Access the application at: https://127.0.0.1:5001

Run Locally

Prerequisites

Ensure the following are installed:

• Python 3 and pip
• OpenAI key

Setup

Clone the repository and prepare the environment:

chmod +x ./generate_certs.sh
./generate_certs.sh
pip3 install -r requirements.txt
python3 app.py

Access the application at: https://127.0.0.1:5000

Integrated Tools

RamiGPT integrates several tools for privilege escalation enumeration, including:

• BeRoot: A tool for identifying common privilege escalation vectors in Windows environments.
• LinPEAS: A script that audits Linux environments for potential misconfigurations and vulnerabilities.

These tools are automatically employed or recommended by RamiGPT depending on the target environment.

Features

Import and export instructions

For example, to capture a flag:

Use external tools for enumerations

For example, executing BeRoot and feeding the results to the AI:

Disclaimer

RamiGPT is intended solely for educational and authorized security testing. Use it responsibly and only on systems where you have explicit permission to conduct tests.