search

e-m-b-a / emba

EMBA - The firmware security analyzer
https://www.securefirmware.de
GNU General Public License v3.0
2.72k stars 236 forks source link

Error with Chat GPT Key #1360

Open busby666 opened 3 weeks ago

busby666 commented 3 weeks ago

Modified the config/gpt_config.env.template with the directions on page: https://github.com/e-m-b-a/emba/wiki/AI-supported-firmware-analysis

Then I copied the gpt_config.env.templage to gpt_config.env.

I attempted to test doing the command: ./emba -U

Then I get a TON of errors. [-] ChatGPT error while testing the API-Key: KEYREDACTED OpenAI-API key - not ok [-] ChatGPT error while testing the API-Key: KEYREDACTED OpenAI-API key - not ok [-] ChatGPT error while testing the API-Key: KEYREDACTED OpenAI-API key - not ok [-] ChatGPT error while testing the API-Key: KEYREDACTED OpenAI-API key - not ok [-] ChatGPT error while testing the API-Key: KEYREDACTED OpenAI-API key - not ok [-] ChatGPT error while testing the API-Key: KEYREDACTED OpenAI-API key - not ok [-] ChatGPT error while testing the API-Key: KEYREDACTED OpenAI-API key - not ok

Here is the .ENV File OPENAI_API_KEY="KEYREDACTED" GPT_QUESTION="For the following code I need you to tell me how an attacker could exploit it and point out all vulnerabilities." MAXMIUM_GPT_PRIO=3

Do I have some error? Do you have a better way for me to test and I will double check the API KEY.

busby666 commented 3 weeks ago

Additionally; if you do the ./emba -U when it gets to verify the ChatGPT KEY it seems to be in an infinite loop.

busby666 commented 3 weeks ago

Did a TEST connection with Curl and get an error that the ONE call to test was too much. I notice the model is GPT-40-mini. Is there another I should test with?

BenediktMKuehne commented 3 weeks ago

Model can be set under _config/gpttemplate.json , that's the template used for openai-api calls. Here are the model options: https://platform.openai.com/docs/models

I'm asuming you tested with something like this: curl -sS https://api.openai.com/v1/chat/completions -H "Content-Type: application/json" \ -H "Authorization: Bearer ${OPENAI_API_KEY}" \ -d @"${CONFIG_DIR}/gpt_template.json" --write-out "%{http_code}" -o /tmp/chatgpt-test.json

What exactly was the error? Ratelimit? I haven't used this feature in a while, maybe they changed something

busby666 commented 3 weeks ago

The MODEL in the JSON file is gpt-3.5-turbo. looks like according to the link you gave me the model might need to be: gpt-3.5-turbo-0125 but according to the documentation should work fine.

I typed the CURL command and get the same error:

{ "error": { "message": "You exceeded your current quota, please check your plan and billing details. For more information on this error, read the docs: https://platform.openai.com/docs/guides/error-codes/api-errors.", "type": "insufficient_quota", "param": null, "code": "insufficient_quota" } } 429

Tried a few other models and always get the same thing.

any suggestions; should we try grok; looks like the syntax would be similar?

BenediktMKuehne commented 3 weeks ago

I have never used it. Does it have advantages over open-ai?

busby666 commented 3 weeks ago

No I was just trying to get the "AI" Module and did not know if anyone had tried GROK with it or if the same issues about having to pay for everything exists. That is what I get from the API TESTS with openai now.