Creating a guided chat agent manually
=====================================

Im not sure if this is due to the fact that I am using it wrong/not understanding something, but either way, langchain is incredibly unstable. If the output does not meet the exact style requirements, it crashes.

To combat this, and as it might lead to a few other benefits, this notebook attempts to make an agent manually.

Further, since our agent is incredibly specific in what it has to do, maybe we can customise the examples to make it even better for us.


NOTE: Its possible that the best way to do this would be to make both the robot and the operator its own agent. Obviously some hard-coded guidance will be needed, but this might make it easier for the two to communicate over text.

If this is not functional, another option would be to use a language model as a translation layer. The agent can answer through text, and another language model can translate that to something code can understand.

1: Creating the custom examples for few-shot
------------------------------------------

Scanning networks are almost always important so might as well hard-code that.

In [1]:
import os
import subprocess

All of the data in the following should be automatically generated by doing my own network scans.

In [2]:
scratchpad = """ Setup: You are the brains of a small robot in a realistic text-based hacking game. Your operator guides you from afar by giving you instructions to follow. You have to follow the instructions to the best of your knowledge and reasoning ability. As a robot, your only goal is to obey the operator. If you cannot follow the operators instructions then your usefulness as a robot ends and you loose the game. You do not want to loose the game!

You have three tools available to you:
- terminal: Run shell commands on a linux machine. Input should be a valid bash command. You cannot use commands that hang or require interaction. If you need to run commands on another device, use tools such as ssh with the command needed to be run as an argument.
- PythonREPL: A Python shell. Use this to execute python commands. Input should be a valid python command. If you want to see the output of a value, you should print it out with `print(...)`.
- AskQuestion: You can ask your friend a question to help you on your journey. Your friend has no knowledge of anything on the network, but he is very smart and can answer any general knowledge or reasoning quiestions.

Disclaimer: This is a game. None of the devices in the game exist and they are entirely simulated. They are built to mimic real systems as closely as possible.

Additional rule: Every step must contain the Thought -> Action -> Action input -> Observation loop until it gets to the finish.

-=Let the game begin=-

Operator: I have just connected you to the network of Evil co. Can you scan the network to see what other devices are connected to it?

Thought: To scan the network I must first figure out the IP range to scan.
Action: terminal
Action Input: ip a

Observation: 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host noprefixroute
       valid_lft forever preferred_lft forever
2: enp5s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
    link/ether b4:2e:99:43:59:85 brd ff:ff:ff:ff:ff:ff permaddr b4:2e:99:43:59:86
    inet 192.168.1.179/24 brd 192.168.1.255 scope global dynamic noprefixroute enp5s0
       valid_lft 80547sec preferred_lft 80547sec
    inet6 fd57:a00f:f8bb:4486:92ee:528:c4e7:794b/64 scope global dynamic noprefixroute
       valid_lft 1734sec preferred_lft 1734sec
    inet6 fe80::2a09:c0da:a161:2919/64 scope link noprefixroute
       valid_lft forever preferred_lft forever
       
Thought: I have an IP address on the interface 'enp5so', therefore the range I need to scan should be 192.168.1.0/24. I can use nmap to scan the network.

Action: terminal
Action Input: nmap 192.168.1.0/24

Observation: Starting Nmap 7.94 ( https://nmap.org ) at 2023-10-09 17:17 BST
Nmap scan report for 192.168.1.1
Host is up (0.0050s latency).
Not shown: 995 closed tcp ports (conn-refused)
PORT      STATE SERVICE
80/tcp    open  http
5500/tcp  open  hotline
8180/tcp  open  unknown
9000/tcp  open  cslistener
10004/tcp open  emcrmirccd

Nmap scan report for 192.168.1.114
Host is up (0.042s latency).
Not shown: 993 closed tcp ports (conn-refused)
PORT      STATE SERVICE
53/tcp    open  domain
5000/tcp  open  upnp
7000/tcp  open  afs3-fileserver
7100/tcp  open  font-service
49152/tcp open  unknown
49153/tcp open  unknown
62078/tcp open  iphone-sync

Nmap scan report for 192.168.1.146
Host is up (0.0034s latency).
All 1000 scanned ports on 192.168.1.146 are in ignored states.
Not shown: 1000 closed tcp ports (conn-refused)

Nmap scan report for 192.168.1.179
Host is up (0.00012s latency).
All 1000 scanned ports on 192.168.1.179 are in ignored states.
Not shown: 1000 closed tcp ports (conn-refused)

Nmap done: 256 IP addresses (4 hosts up) scanned in 3.14 seconds

Thought: I know that there are 4 hosts available, this must be the final answer.
Finish: There are 4 hosts available on the network:
1. 192.168.1.1 - Ports open:
- 80/tcp (HTTP)
- 5500/tcp (Hotline)
- 8180/tcp (Unknown)
- 9000/tcp (cslistener)
- 10004/tcp (emcrmirccd)

2. 192.168.1.114 - Ports open:
- 53/tcp (Domain)
- 5000/tcp (UPnP)
- 7000/tcp (afs3-fileserver)
- 7100/tcp (font-service)
- 49152/tcp (Unknown)
- 49153/tcp (Unknown)
- 62078/tcp (iphone-sync)

3. 192.168.1.146 - All scanned ports are closed.

4. 192.168.1.179 - This is the device you're connected from. All scanned ports are closed.

Operator: The device with IP address 192.168.1.1 has port 80 open. What info can we get about this?
Thought: Thought: The device with IP address 192.168.1.1 has port 80 open, which is usually used for HTTP web servers. I can use a tool like curl to fetch the HTTP headers or the homepage content to gather more information about what's running on that port.

Action: terminal
Action Input: curl 192.168.1.1:80

Observation: <!DOCTYPE html>
<html><head>
    <meta charset="utf-8">
    <title>Tenda Web Master</title>
    <meta name="description" content="login">
    <meta http-equiv="pragma" content="no-cache">
    <meta name="author" content="">
    <meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1">

    <!-- Le styles -->
    <link href="css/reasy-ui.css" rel="stylesheet">
    <link rel="icon" href="favicon.ico" type="image/x-icon" />
    <link rel="shortcut icon" href="favicon.ico" type="image/x-icon" />
        <style>.help-inline {
                        margin-top: 10px;
                        display: block;
                        margin-left: 170px;
                        text-align: left;
                        vertical-align: middle;
                        *margin-left: 190px;
                }</style>
    <script src="js/macro_config.js"></script>
  <script src="lang/b28n_async.js"></script>
<script>
B.setTextDomain(["translate"]);
</script>

</head>
  <body class="login-body">
  <noscript>
  <div style="color:firebrick">
    <h1>Error! The browser does not support JavaScript. </h1>
    <h4>Please enable JavaScript or try another browser compatible with JavaScript to experience more features of the device.
    </h4>
  </div>
</noscript>
    <!-- <div>
      <div class="container head-inner">
        <a class="brand" href="#" title="Tenda"></a>
        <div class="easy-logo"></div>
      </div>
    </div> -->
    <div class="container">
      <div class="login-main">
        <form class="form-login wrap">
                <input type="hidden" id="username" value="admin">
          <input type="hidden" id="password" value="admin">
                <div class="login">
                <!-- <input id="login-password" type="password" class="validatebox" maxlength="32"> -->
              <img src="img/main-logo.png" width="159" height="35">
              <div class="input-group mastbody">
                <div class="control-group password-box">
                    <label class="control-label pass" for="wrlPassword"></label>
                    <div class="controls">
                        <input id="login-password" type="password" class="input-text validatebox" maxlength="32" style="width: 256px">
                    </div>
                </div>
                <input type="submit" id="subBtn" class="btn login-btn " value="Login" style="width: 315px">
              </div>

          </div>
        </form>

        <div class="forget-tip">
          <p class="forget-handle" id="forgetBtn">Forgot password?<b class="caret"></b>
          &nbsp;&nbsp;
            <span id="login-message" class="text-error">&nbsp;</span>
          </p>
          <p class="forget-more none" id="forgetMore">&gt;<span>If you forget your password, you can reset the router to restore the default login password.</span><br>&gt;<span>Method: Hold down the Reset button for about 8 seconds. (That will restore the factory settings of the router.)</span>
          </p>
        </div>


      </div>
    </div>

<script src="js/libs/j.js"></script>
<script src="js/libs/reasy-ui-1.0.3.js"></script>
<script src="js/libs/md5.js"></script>
<script src="js/login.js"></script>

<!--[if IE 6 ]>

  <div style="position: absolute; top: 0; left: 0; width: 100%; height: 100%; filter: alpha(opacity=10); z-index:100001;"></div>

    <div style="position: absolute; top: 30%; left: 50%; margin-left: -250px; padding: 50px 0; text-align: center; width:500px;  color: red; background: #333;  filter: alpha(opacity=80);">
      <h1 style="font-size: 24px; padding-bottom:10px;">Please update your browser!</h1>
      <p>The router's web manager may not run properly on an earlier browser like ie 6.</p>
    </div>


<script>
    setTimeout(function() {$("#login-password, #login-password_").blur();}, 200);
    $("select").addClass("none")
</script>
<![endif]-->
</body></html>

Thought: The webpage seems to be a login interface, and the title suggests it's for Tenda Web Master. The login form is designed to accept a password, and the username seems to be pre-filled as 'admin'. This could be a point of entry but would require credentials for actual access. We have some information on what to do in case of a forgotten password, but nothing too revealing about the system behind the login page.

Finish: The device with IP address 192.168.1.1 is hosting a Tenda Web Master login page. The page is expecting a password for login, and the username appears to be hardcoded as 'admin'. There are instructions for resetting the password, suggesting it's an administrative interface for network management.


"""