VulChatGPT

An IDA PRO plugin to help in finding vulnerabilites in binaries.

Use IDA PRO HexRays decompiler with OpenAI(ChatGPT) to find possible vulnerabilities in binaries

Disclaimer, possible replies while trying to find binary vulnerabilites using an AI may lead to false positives, however it has worked in many CTFs I have worked on (simple/medium ... some hard)

Inspired by Gepetto : https://github.com/JusticeRage/Gepetto

Install:

Drop python script on IDA Pro Plugin location.

To Use:

Right click on decompiled code , select "Find possible vulnerability in function"

Updated with create sample python exploit (Sometime Good, Sometime Sh!t)

Updated with Gepetto's rename and explain functions

ISSUES

Large functions dont work due to size restriction on OpenAI

Well do a little bit of static, rename variables/functions, create structs if need be add some FLIRT ... i mean help your AI out :)

False +ves (wuuueh!!)