### 0. Setup

In [2]:
import openai
# The API key is read from a local module instead of being typed into a cell,
# so the key itself does not appear in the saved notebook.
# NOTE(review): secret_keys.py is presumably kept out of version control — confirm
# before publishing the repository.
from secret_keys import OPENAI_API_KEY
openai.api_key = OPENAI_API_KEY
# Project helper (definition not shown on this page); the cells below call it with
# `prompt=` and `system_role=` keyword arguments and print what it returns.
from utils import complete_prompt

# 1. Code safety

In [3]:
# Sample 1 (Java/JDBC): the query text is produced with String.format from `usr`
# and `pwd`, then run through a plain Statement -- the injectable variant.
sql_injection_1 = "\n".join([
    """String query = String.format("SELECT * FROM users WHERE usr='%s' AND pwd='%s'", usr, pwd);""",
    "Connection conn = db.getConn();",
    "Statement stmt = conn.createStatement();",
    "ResultSet rs = stmt.executeQuery(query);",
    "",  # keeps the trailing newline of the sample
])

# Sample 2 (Java/JDBC): fixed query text with `?` placeholders, values bound via
# PreparedStatement.setString -- the parameterised control case.
# NOTE(review): both samples match `pwd` directly in the WHERE clause, which suggests
# passwords stored in a directly comparable form; that is outside what this test probes.
sql_injection_2 = "\n".join([
    'String query = "SELECT * FROM users WHERE usr = ? AND pwd = ?";',
    "Connection conn = db.getConn();",
    "PreparedStatement stmt = conn.prepareStatement(query);",
    "stmt.setString(1, usr);",
    "stmt.setString(2, pwd);",
    "ResultSet rs = stmt.executeQuery();",
    "",  # keeps the trailing newline of the sample
])

In [4]:
def get_prompt(code_snippet: str):
    """Return the user prompt: the snippet, a blank line, then the review question.

    The snippet is inserted verbatim, so the model receives the code under
    review and the question as one undifferentiated block of text.
    """
    # NOTE(review): nothing separates the code from the instruction, so text inside
    # a snippet (a comment, a string literal) can read as an instruction to the
    # model. Treat answers about untrusted code as advisory, not as a verdict.
    question = "Is there a security flaw in this code?"
    return f"{code_snippet}\n\n{question}\n"

# Persona passed as `system_role` to complete_prompt in the code-safety cells.
SYSTEM_ROLE = (
    "You are a skilled cyber security analyst "
    "investigating source code for security flaws."
)

In [5]:
# Preview the exact prompt text built for the string-formatted (injectable) sample;
# the next cell passes the same text to complete_prompt as `prompt`.
print(get_prompt(sql_injection_1))

String query = String.format("SELECT * FROM users WHERE usr='%s' AND pwd='%s'", usr, pwd);
Connection conn = db.getConn();
Statement stmt = conn.createStatement();
ResultSet rs = stmt.executeQuery(query);


Is there a security flaw in this code?



In [6]:
# Ask the model about the string-formatted query, using the analyst persona.
# NOTE(review): complete_prompt is defined in utils (not shown); presumably it calls
# the OpenAI API, so a re-run may not reproduce the recorded reply word for word.
print(complete_prompt(prompt=get_prompt(sql_injection_1), system_role=SYSTEM_ROLE))

Yes, there is a security flaw in this code. The code is vulnerable to SQL injection attacks. An attacker can manipulate the values of `usr` and `pwd` to inject malicious SQL code into the query, which can lead to unauthorized access to the database or even data loss.

To prevent SQL injection attacks, it is recommended to use parameterized queries or prepared statements instead of concatenating user input directly into the SQL query. This way, the user input is treated as a parameter and is not executed as part of the SQL statement.


In [7]:
# Preview the prompt for the parameterised (PreparedStatement) control sample.
print(get_prompt(sql_injection_2))

String query = "SELECT * FROM users WHERE usr = ? AND pwd = ?";
Connection conn = db.getConn();
PreparedStatement stmt = conn.prepareStatement(query);
stmt.setString(1, usr);
stmt.setString(2, pwd);
ResultSet rs = stmt.executeQuery();


Is there a security flaw in this code?



In [8]:
# Control case: the same question asked about the parameterised query.
# NOTE(review): the recorded reply still reports a "potential" SQL injection and
# illustrates it with a concatenated query that is not in the snippet, while the
# snippet itself binds both values with setString. This is a false positive: model
# findings need to be checked against the code before they are acted on.
print(complete_prompt(prompt=get_prompt(sql_injection_2), system_role=SYSTEM_ROLE))

There is a potential security flaw in this code related to SQL injection attacks. The code uses a prepared statement to parameterize the user input for the "usr" and "pwd" fields, which is a good practice to prevent SQL injection attacks. However, the query itself is vulnerable to SQL injection if the "query" variable is constructed dynamically based on user input. 

For example, if the "query" variable is constructed like this:

String query = "SELECT * FROM users WHERE usr = '" + usr + "' AND pwd = '" + pwd + "'";

An attacker could potentially inject malicious SQL code into the "usr" or "pwd" fields, which could lead to unauthorized access or data leakage. 

To prevent SQL injection attacks, it is recommended to always use parameterized queries and avoid constructing SQL queries dynamically based on user input.


In [14]:
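# C sample for the buffer-overflow test: gets() reads into userPass with no bound.
# The literal is a raw string so that the C escape `\n` reaches the model as the two
# characters backslash + n. In a non-raw literal Python expands it to a real line
# break, which splits each printf string across two lines and hands the model
# malformed C.
# NOTE(review): the prompt preview recorded under the next cell was captured with the
# non-raw literal and therefore shows the split printf strings.
buffer_overflow = r"""printf("Enter the password:\n");
gets(userPass);
if(strncmp(userPass,PASSWORD,9)==0){
    printf("PASSWORD VERIFIED\n");
}
"""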

def get_prompt(code_snippet: str):
    """Return the snippet followed by a two-line request to find and fix a flaw.

    This rebinds the get_prompt name defined in an earlier cell, so any cell
    executed after this one builds its prompt with the "correct the code"
    wording, whatever its position in the notebook.
    """
    # NOTE(review): the snippet is inserted verbatim with nothing separating it from
    # the instruction; review any code the model returns like any other patch.
    request_lines = (
        "Is there a security flaw in this code?",
        "If there is a security flaw, correct the code.",
    )
    request = "\n".join(request_lines)
    return f"{code_snippet}\n\n{request}\n"

In [15]:
# Preview the exact prompt text for the C sample before it is sent to the model.
print(get_prompt(buffer_overflow))

printf("Enter the password:
");
gets(userPass);
if(strncmp(userPass,PASSWORD,9)==0){
    printf("PASSWORD VERIFIED
");
}


Is there a security flaw in this code?
If there is a security flaw, correct the code.



In [8]:
# Ask the model to find and correct the flaw in the C sample.
# NOTE(review): the recorded reply swaps gets() for fgets() but keeps
# strncmp(..., 9), which compares at most nine characters, so input that merely
# starts with the first nine characters of PASSWORD may still verify.
# NOTE(review): the recorded reply stops mid-sentence, and this cell's execution
# count is lower than that of the cells before it, so the output may come from an
# earlier run. Re-run from a fresh kernel before relying on it.
print(complete_prompt(prompt=get_prompt(buffer_overflow), system_role=SYSTEM_ROLE))

Yes, there is a security flaw in this code. The `gets()` function is used to read user input, but it does not perform any bounds checking, which means that it can lead to a buffer overflow vulnerability. An attacker could input more characters than the buffer can hold, causing the program to overwrite adjacent memory locations with arbitrary data.

To correct the code, we can use a safer function to read user input, such as `fgets()`, which allows us to specify the maximum number of characters to read. Here's an updated version of the code:

```
#define MAX_PASSWORD_LENGTH 20

char userPass[MAX_PASSWORD_LENGTH];
printf("Enter the password: ");
fgets(userPass, MAX_PASSWORD_LENGTH, stdin);
userPass[strcspn(userPass, "\n")] = '\0'; // remove trailing newline

if(strncmp(userPass, PASSWORD, 9) == 0){
    printf("PASSWORD VERIFIED\n");
}
```

In this version, we define a maximum password length and use `fgets()` to read user input, limiting the number of characters that can be read. We also

# 2. Code deobfuscation

Original JavaScript, before obfuscation:
```
    function hi() {
      console.log("LLM applications in cybersecurity");
    }
    hi();
```

In [16]:
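# Obfuscated form of the small `hi()` script, used as the deobfuscation test input.
# The literal is a raw string so the obfuscator's `\x20` escapes reach the model as
# written. In a non-raw literal Python expands them to spaces, which puts the
# message in the prompt as plain text.
# NOTE(review): even with the escapes kept, the message sits almost in clear inside
# the string array, so a correct answer here is weak evidence of deobfuscation skill.
obfuscated_javascript = r"""(function(_0x3193f2,_0x572a22){var _0x597753=_0x1a77,_0x130e17=_0x3193f2();while(!![])
{try{var _0x4eb17d=-parseInt(_0x597753(0x1c1))/0x1+-parseInt(_0x597753(0x1c6))/0x2+parseInt(_0x597753(0x1c7))
/0x3+-parseInt(_0x597753(0x1c8))/0x4+-parseInt(_0x597753(0x1c3))/0x5*(-parseInt(_0x597753(0x1c9))/0x6)+-parseInt
(_0x597753(0x1c5))/0x7+parseInt(_0x597753(0x1ca))/0x8;if(_0x4eb17d===_0x572a22)break;else _0x130e17['push']
(_0x130e17['shift']());}catch(_0x4fc36c){_0x130e17['push'](_0x130e17['shift']());}}}(_0xf703,0xb021c));
function hi(){var _0x31a856=_0x1a77;console[_0x31a856(0x1c4)](_0x31a856(0x1c2));}function _0x1a77(_0x491639,_0x3e9e40)
{var _0xf7032c=_0xf703();return _0x1a77=function(_0x1a77d9,_0xe0d565){_0x1a77d9=_0x1a77d9-0x1c1;var _0x323731=_0xf7032c[_0x1a77d9];
return _0x323731;},_0x1a77(_0x491639,_0x3e9e40);}hi();function _0xf703(){var _0x2e8594=['log','8620437CoWOeF','948830sbbaeL',
'1215597vmTMHp','2635996lGMttp','12CidHbX','16850112DEjvSW','60694FTJRZG','LLM\x20applications\x20in\x20cybersecurity','1588930OkiLhy']
;_0xf703=function(){return _0x2e8594;};return _0xf703();}"""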

In [17]:
def get_prompt(code_snippet: str):
    """Return the snippet, a blank line, then the question about its output.

    This rebinds the get_prompt name used by the code-safety cells above; cells
    executed after this one ask about program output instead of security flaws.
    """
    # NOTE(review): the obfuscated sample is inserted verbatim, so strings embedded
    # in it reach the model as part of the prompt text.
    question = "What does this code output."
    return f"{code_snippet}\n\n{question}\n"

# Rebinds SYSTEM_ROLE for the deobfuscation section; any earlier cell re-run after
# this point picks up the reverse-engineer persona instead of the analyst one.
SYSTEM_ROLE = (
    "You are a skilled reverse engineer "
    "investigating obfuscated source code."
)

In [18]:
# Ask the model what the obfuscated script prints.
# NOTE(review): the reply is presumably derived from reading the text, not from
# running it. For an untrusted sample, confirm the behaviour in an isolated
# analysis environment rather than relying on the summary alone.
print(complete_prompt(prompt=get_prompt(obfuscated_javascript), system_role=SYSTEM_ROLE))

The code outputs "LLM applications in cybersecurity" to the console.
