gladiopeace

# Requires running as Administrator
# This is a simplified example and may need modifications to work in your environment

$windowsInstallations = Get-WindowsInstallations # Custom function to detect Windows installations
foreach ($install in $windowsInstallations) {
    $description = "Windows on " + $install.DriveLetter
    $guid = (bcdedit /copy {current} /d $description).Trim().Split(" ")[2]
    
    bcdedit /set $guid device partition=$install.DriveLetter
    bcdedit /set $guid osdevice partition=$install.DriveLetter

gladiopeace

https://docs.google.com/document/d/1LQiPiatabyuLVzeTSWMSx05k150VFLJVCxLxEea5diU/edit

gladiopeace

Sandbox Escape in vm2@3.9.17

A sandbox escape vulnerability exists in vm2 for versions up to 3.9.17. It abuses an unexpected creation of a host object based on the specification of Proxy, and allows RCE via Function in the host context.

Impact

A threat actor can bypass the sandbox protections to gain remote code execution rights on the host running the sandbox.

PoC

gladiopeace

0.414       |                               ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
0.414 /home/arch/docker-eyeos/darwin-xnu/bsd/sys/kpi_socket.h:46:30: note: in ex                                                                             pansion of macro '__API_DEPRECATED'
0.414    46 | #define __NKE_API_DEPRECATED __API_DEPRECATED("Network Kernel Exte                                                                             nsion KPI is deprecated", macos(10.4, 10.15))
0.414       |                              ^~~~~~~~~~~~~~~~
0.414 /home/arch/docker-eyeos/darwin-xnu/bsd/sys/kpi_socket.h:463:1: note: in ex                                                                             pansion of macro '__NKE_API_DEPRECATED'
0.414   463 | __NKE_API_DEPRECATED;
0.414       | ^~~~~~~~~~~~~~~~~~~~
0.415 /home/arch/docker-eyeos/darwin-xnu/EXTERNAL_HEADERS/Availability.h:407:31:                                                                              error: expected '=', ',', ';', 'asm' or '__attribute__' before '__

gladiopeace

{
  "name": "OpenChat 3.5",
  "load_params": {
    "n_ctx": 8192,
    "n_batch": 512,
    "rope_freq_base": 10000,
    "rope_freq_scale": 1,
    "n_gpu_layers": 80,
    "use_mlock": true,
    "main_gpu": 0,

gladiopeace

from vueGPT import prompt, make_client

from dotenv import load_dotenv

# load .env file
load_dotenv()

# get openai api key
OPENAI_API_KEY = environ.get('OPENAI_API_KEY')

gladiopeace

from vueGPT import prompt, make_client

from dotenv import load_dotenv

# load .env file
load_dotenv()

# get openai api key
OPENAI_API_KEY = environ.get('OPENAI_API_KEY')

gladiopeace

# once you have an app created and downloaded:
curl -sSL https://get.wasp-lang.dev/installer.sh | sh
cd {app_folder}
# to install NVM:
curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.39.5/install.sh | bash
nvm install 18
nvm use 18
wasp db migrate-dev
wasp start

gladiopeace

Details on how the airoboros-gpt4-2.0 dataset was created.

Script

https://github.com/jondurbin/airoboros

pip install --upgrade airoboros==2.0.11

gladiopeace

#!/usr/bin/env python3

import os
import sqlite3
import sys

try:
    os.mkdir('config_restore')
except:
    pass